Exploit `cancelOrder()` with re-entrancy to steal funds

Orders will be overwritten if multiple orders are created by the same sender within the same block

`StopLimit` contract grant max allowance leading to a loss of funds

`orders[orderId]` mapping is not updated when the order is canceled

The `owner` of the `procureTokens` function can be set to an arbitrary address

Create order can be DOSed as there is no compulsory fee collected during the creation/cancellation of orders

`OracleLess` does not restrict the maximum number of pending orders

`StopLimit` order cannot be filled under certain condition

Pyth Oracle's Stale Price check is incorrect

Managed veAERO NFT can be exploited to steal funds from lenders

`TaxTokensReceipt` cannot be auctioned off to repay lenders during a default

Delete/cancel buy order function only returns remaining tokens, but forget to return any NFT purchase so far

No one can sell `TaxTokensReceipts` NFT receipt to the buy order

MixOracle is broken due to hardcoded position

Funds stuck in `DebitaIncentives` contract

New owner of veNFT receipt can be griefed by existing manager

Users can be griefed due to lack of minimum size within the Loan and Offer

Borrower can obtain principle tokens without paying collateral tokens

"Just-in-time" attack against incentive mechanism

Reward tokens earned will be lost as `_updateReward` function was not executed

Incorrect fee math leading to a loss of funds

`settleUpnl` function can be DOSed by other PartyBs/hedgers

Unauthorized PartyB could settle PNL of other PartyBs and users in the system

Force Close can be DOSed by exploiting `settleUpnl` function

Emergency close might be blocked due to insufficient allocated balance

Inconsistent in the liquidation fee leads to unfairness in liquidation process

Incorrect valuation of vault share

Loss of rewards due to continuous griefing attacks on L2 environment

Malicious withdrawal requests can be injected into the holder's queue

Users can deny the vault from claiming reward tokens

Malicious users can steal reward tokens via re-entrancy attack

Wrong decimal precision resulted in the price being inflated

Incorrect assumption that PT rate is 1.0 post-expiry

Lack of slippage control on `_redeemPT` function

Reward token will be lost if a transfer fails

`rescueTokens` feature is broken

Protocol could be DOS by transfer error due to lack of code length check

Wrong precision when adding balance within the `restoreBridgeTransaction` function

Suspended bridge transactions cannot be restored

Collateral can still be allocated to PartyA when the system is paused by exploiting the new internal transfer function

PartyA's allocated balance could increase after `deferredLiquidatePartyA` is executed

Deferred Liquidation can get stuck at step one of the liquidation process if the nonce increment

Users can exploit the batch minting feature to avoid paying minting fees for tokens

Original collection referrer will be overwritten when a new collection/work is created

Collection referrers will not receive their share of the minting fee

Minting can be DOSed by any of the fee recipients

Excess ETH will be stuck in the Fee Manager contract and not swept back to the users

Malicious users can block creators from acknowledging or deacknowledging an edge

Incorrect `supportsInterface` (EIP-165)

Signature is malleable

Broken batch minting feature

Constructor is used during initialization when a proxy pattern is used

New creators unable to update the royalty target and the fee route for their works

Malicious EDITION_MANAGER_ROLE can front-run victims to increase royalty

Malicious users could grief innocent users into receiving fewer points

The issue titled "Oracle can return different prices in same transaction" is not remediated.

Code asymmetry of `globalPositions.marginDepositedTotal`

Using minimum timestamp across all signatures could drain the gateway

YT holder are unable to claim their interest

LP Tokens always valued at 3 PTs

Victim's fund can be stolen due to rounding error and exchange rate manipulation

`swapUnderlyingForYt` revert due to rounding issues

Unable to deposit to Tranche/Adaptor under certain conditions

FRAX admin can adjust fee rate to harm Napier and its users

Benign esfrxETH holders incur more loss than expected

Anyone can convert someone's unclaimed yield to PT + YT

Lack of slippage control for `issue` function

Withdrawal can be blocked

Users unable to withdraw their funds due to FRAX admin action

`withdraw` function does not comply with ERC5095

Users are unable to collect their yield if tranche is paused

Front-running swap TX and update the fee rate

Permissioned rebalancing functions leading to loss of assets

Incorrect handling of PnL during liquidation

`marginDepositedTotal` can be significantly inflated

Position can be immediately liquidated after opening

Asymmetry in profit and loss (PnL) calculations

Incorrect price used when updating the global position data

Oracle will not failover as expected during liquidation

Large amounts of points can be minted virtually without any cost

Vault Inflation Attack

Long traders unable to withdraw their assets

Losses of some long traders can eat into the margins of others

Residual ETH will not be sent back to users during the minting of wfCash

Residual ETH not sent back when `batchBalanceAndTradeAction` executed

Malicious users could block liquidation or perform DOS

Unable to limit the loss when redeeming wfCash before maturity

Low precision is used when checking spot price deviation

External lending can exceed the threshold

Incorrect rate used when fCash has not settled yet

Rebalance will be delayed due to revert

Rebalance might be skipped even if the external lending is unhealthy

Rounding differences when computing the invariant

Reward tokens are re-entered during vault restoration

Incorrect scaling of the spot price

Incorrect Spot Price

Incorrect invariant used for Balancer's composable pools

Unable to reinvest if the reward token equals one of the pool tokens

Different spot prices used during the comparison

Native ETH not received when removing liquidity from Curve V2 pools

Single-sided instead of proportional exit is performed during emergency exit

ETH can be sold during reinvestment

BPT LP Token could be sold off during re-investment

Leverage Vault on sidechains that support Curve V2 pools is broken

Ineffective liquidation signatures expiration mechanism

`depositAndAllocateForAccount` is broken due to incorrect precision

Extra "money" is not taken into consideration while determining the solvency

Insufficient allowance when queuing reward

Price of Maverick LP tokens is vulnerable to manipulation

Stat calculator returns incorrect report for swETH

Incorrect approach to tracking the PnL of a DV

WETH is stuck in the router if users deposit or mint with Native ETH

Swap during liquidation of reward tokens will revert

Convex/Aura claim reward front-run attack

Inflated price due to unnecessary precision scaling

Immediately start getting rewards belonging to others after staking

Differences between actual and cached total assets can be arbitraged

Claimed tokens obtained during the burning of DV shares are overwritten

Gain From LMPVault Can Be Stolen

Incorrect pricing for CurveV2 LP Token

Incorrect number of shares minted as fee

`removeVault` did not remove the vault from `_vaultsByType` mapping

Unable to withdraw extra rewards

Malicious or compromised admin of certain LSTs could manipulate the price

Slow reaction to the market condition due to the filter's high alpha

`previewRedeem` and `redeem` functions deviate from the ERC4626 specification

Losses are not distributed equally

`feeSink` address should not be subjected to limit

Malicious users could lock in the NAV/Share of the DV to cause the loss of fees

Price returned by Oracle is not verified

Unexpected revert during withdrawal

Malicious users could use back old values

`navPerShareHighMark` not reset to 1.0

Lack of segregation between users' assets and collected fees resulting in loss of funds for the users

Users' funds could be stolen or locked by malicious or rouge owners

Owners will incur loss and bad debt if the value of a token crashes

Owner unable to collect fulfillment fee from certain users due to revert error

`depositAndAllocateForPartyB` is broken due to incorrect precision

Accounting error in PartyB's pending locked balance led to loss of funds

Malicious liquidators could inject stale symbol pricing during the liquidation process of PartyA

Unrealized profit and loss (uPnL) signature (`upnlSig`) can be re-used and replayed as nonce is not incremented

Liquidation can be blocked by incrementing the nonce

Liquidation of PartyA will fail due to underflow errors

Liquidatable account will be locked

Using spot trading fee to compute the refunded amount lead to a loss of funds

Malicious PartyB can block unfavorable close position requests causing a loss of profits for PartyB

Users might immediately be liquidated after position opening leading to a loss of CVA and Liquidation fee

Liquidator not incentivized to liquidate `LATE` or `OVERDUE` account as there is no rewards

Suspended PartyBs can bypass the withdrawal restriction by exploiting `fillCloseRequest`

Imbalanced approach of distributing the liquidation fee within `setSymbolsPrice` function

`emergencyClosePosition` can be blocked

Vulnerable to replay attack as `lockQuote` did not increment PartyB's nonce

Hedgers are not incentivized to respond to user's closing requests

Position value can fall below the minimum acceptable quote value

Rounding error when closing quote

`VaultAccountSecondaryDebtShareStorage.maturity` will be cleared prematurely

StrategyVault can perform a full exit without repaying all secondary debt

Unable to transfer fee reserve assets to treasury

Excess funds withdrawn from the money market

Possible to liquidate past the debt outstanding above the min borrow without liquidating the entire debt outstanding

Residual amount is not refunded

Vaults can avoid liquidations by not letting their vault account be settled

Users can deny the treasury manager contract from claiming `COMP` incentives

Possible to create vault positions ineligible for liquidation

Partial liquidations are not possible

Vault accounts with excess cash can avoid being settled

A single external protocol can DOS rebalancing process

Inadequate slippage control

Inconsistent use of `VAULT_ACCOUNT_MIN_TIME` in vault implementation

Return data from the external call not verified during deposit and redemption

Treasury rebalance will fail due to interest accrual

Debt cannot be repaid without redeeming vault share

Vault account might not be able to exit after liquidation

Rebalance process reverts due to zero amount deposit and redemption

Inaccurate settlement reserve accounting

Rebalance stops working when more holdings are added

Underlying delta is calculated on internal token balance

Secondary debt dust balances are not truncated

No minimum borrow size check against secondary debts

It may be possible to liquidate on behalf of another account

"Equilibrium price" is not used to compute the capacity (OSDA Only)

Slippage/Minimum amount does not work during single-side redemption

Ineffective slippage mechanism when redeeming proportionally

Risk of reward tokens being sold by malicious users under certain conditions

Curve vault will undervalue or overvalue the LP Pool tokens if it comprises tokens with different decimals

Reinvest will return sub-optimal return if the pool is imbalanced

Users are forced to use the first pool returned by the Curve Registry

Logic Error due to different representation of Native ETH (0x0 & 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE)

Oracle slippage rate is used for checking primary and secondary ratio

`oracleSlippagePercentOrLimit` can exceed the `Constants.SLIPPAGE_LIMIT_PRECISION`

Migration Process Can Be DOSed By Anyone

Users redeem strategy tokens but receives no assets in return

`totalBPTSupply` will be excessively inflated

`msgValue` will not be populated if ETH is the secondary token

Token amounts are scaled up twice causing the amounts to be inflated in two token vault

Vault's `totalStrategyTokenGlobal` will not be in sync

Users deposit assets to the vault but receives no strategy token in return

Rounding differences when computing the invariant

Two token vault will be broken if it comprises tokens with different decimals

Scaling factor of the wrapped token is incorrect

Unable to deploy new leverage vault for certain MetaStable Pool

Anyone can steal CryptoPunk during the deposit flow to WPunkGateway

Anyone can prevent themselves from being liquidated as long as they hold one of the supported NFTs

New BAKC Owner Can Steal ApeCoin

NTokenMoonBirds Reserve Pool Cannot Receive Airdrops

Centralization risk: admin can with rug the project by removing asset and price manipulation on oracle.

The 'redeem' related functions are likely to be blocked

Users Receive Less Rewards Due To Miscalculations

Malicious Users Can Drain The Assets Of Auto Compound Vault

User's Accrued Rewards Will Be Lost

Underlying assets stealing in `AutoPxGmx` and `AutoPxGlp` via share price manipulation

Assets may be lost when calling unprotected `AutoPxGlp::compound` function

Deposit Feature Of The Vault Will Break If Update To A New Platform

Anyone can call AutoPxGmx.compound and perform sandwich attacks with control parameters

Debt Decay Faster Than Expected

Auctioneer Cannot Be Removed From The Protocol

`BondAggregator.findMarketFor` Function Will Break In Certain Conditions

Create Fee Discount Feature Is Broken

Teller Cannot Be Removed From Callback Contract

Market Price Lower Than Expected

Existing Circuit Breaker Implementation Allow Faster Taker To Extract Payout Tokens From Market

Transferring Ownership Might Break The Market

User's Assets Can Be Locked If Admin Is Compromised Or Turned Rouge

Normal Settlement Process Do Not Verify That The Vault Receives The Appropriate Amount Of Primary Tokens After Sale Of Secondary Tokens

Did Not Approve To Zero First

Corruptible Upgradability Pattern

`CrossCurrencyfCashVault` Cannot Be Upgraded

Attackers Can DOS Balancer Vaults By Bypassing The BPT Threshold

Rely On Balancer Oracle Which Is Not Updated Frequently

Existing Slippage Control Can Be Bypassed During Reinvest Rewards

Vault Share/Strategy Token Calculation Can Be Broken By First User/Attacker

Balancer Vault Will Receive Fewer Assets As The Current Design Does Not Serve The Interest Of Vault Shareholders

`CrossCurrencyfCashVault` Cannot Settle Its Assets In Pieces

Malicious Users Can Deny Notional Treasury From Receiving Fee

Gain From Balancer Vaults Can Be Stolen

No Validation Check Against Decimal Of Secondary Token

Missing State Update Causing More Shares To Be Minted And Fewer Assets To Be Returned

Protocol Reserve Within A LToken Vault Can Be Lent Out

Re-entrancy Risk Within The `withdraw` Function

Token Without Price Oracle Can Cause Asset To Be Locked

Chainlink's LatestRoundData Might Return Stale Results

Internal Accounting Issue Due To Fee-On-Transfer/Rebasing Tokens

ERC4626Oracle Vulnerable To Price Manipulation

Previous {Operators/Weights/Threshold} Are Still Able To Sign Off New Commands After Operatorship Is Transferred

Fund will be stuck if a buyout is started while there are pending migration proposals

Steal NFTs from a Vault, and ETH + Fractional tokens from users.

Malicious User Could Burn The Assets After A Successful Migration

```migrateFractions``` may be called more than once by the same user which may lead to loss of tokens for other users

Malicious Users Can Exploit Residual Allowance To Steal Assets

An attacker can DoS vault's buyout with as little as 1 wei per 4 days

A VAULT OWNER CAN FRONTRUN A PLUGIN CALL AND CHANGE ITS IMPLEMENTATION

Use of `payable.transfer()` may lock user funds

Order duration can be set to 0 by Malicious maker

`fillOrder()` and `exercise()` may lock Ether sent to the contract, forever

Unbounded loops may cause `exercise()`s and `withdraw()`s to fail

[Denial-of-Service] Contract Owner Could Block Users From Withdrawing Their Strike

Putty position tokens may be minted to non ERC721 receivers

Malicious Token Contracts May Lead To Locking Orders

NibblVault: In the buy function, users can avoid paying fees

Ineffective TWAV Implementation

User Could Change The State Of The System While In `Pause` Mode

Routers Are Not Enforced To Repay AAVE Portal Loan

Malicious Relayer Can Replay Execute Calldata On Different Chains Causing Double-Spend Issue

Router Owner Could Steal All The Funds Within SponsorVault

Single Error Within SponsorVault Contract Could Cause Entire Cross-Chain Communication To Break Down

Malicious Relayers Could Favor Their Routers

Malicious Relayer Could Cause A Router To Provide More Liquidity Than It Should

Router Owner Could Be Rugged By Admin

Did Not Approve To Zero First Causing Certain Token Transfer To Fail

division rounding error in _handleExecuteLiquidity() and _reconcile() make routerBalances and contract fund balance to get out of sync and cause fund lose

Relayer Will Not Receive Any Fee If `execute` Reverts

Rounding Issues In Certain Functions

Users Might Not Be Able To Purchase Or Redeem SetToken

Residual Allowance Might Allow Tokens In SetToken To Be Stolen

Gauge Rewards Stuck In `VoterProxy` Contract When `ExtraRewardStashV3` Is Used Within Angle Deployment

`VE3DRewardPool` and `VE3DLocker` adds to an unbounded array which may potentially lock all rewards in the contract

Unable To Get Rewards If Admin Withdraws $VE3D tokens From `VeTokenMinter` Contract

Misconfiguration of Fees Incentive Might Cause Tokens To Be Stuck In `Booster` Contract

Bribe Rewards Struck In Contract If Deposited During First Epoch

User rewards stop accruing after any _writeCheckpoint calling action

Bribe Rewards Not Collected In Current Period Will Be Lost Forever

Griefing Attack By Extending The Reward Duration

Ineffective ReserveRatio Enforcement

BathToken LPs Unable To Receive Bonus Token Due To Lack Of Wallet Setter Method

Attacker Could Steal Almost All The Bonus Token In BathBuddy Vesting Wallet

USDT is not supported because of approval mechanism

Lack of Access Control for offer(uint, ERC20, uint, ERC20) and insert(uint, unint)

Inconsistent Order Book Accounting When Working With Transfer-On-Fee or Deflationary Tokens

Strategists can take more rewards than they should using the function strategistBootyClaim().

No cap on fees can result in a DOS in BathToken.withdraw()

Outstanding Amount Of A Pool Reduced Although Tokens Are Not Repaid

Admin rug vectors

Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`

Use `call()` instead of `transfer()` when transferring ETH in RubiconRouter

Locking up AURA Token does not increase voting power of individual