Search
Total
1243 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13750 | 1 Richiumtoken Project | 1 Richiumtoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13765 | 1 Landcoin Project | 1 Landcoin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13755 | 1 Otakutoken Project | 1 Otakutoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13756 | 1 Cherrycoinfoundation Project | 1 Cherrycoinfoundation | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13757 | 1 Coinquer Project | 1 Coinquer | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13758 | 1 Lolicoin Project | 1 Lolicoin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13759 | 1 Bigcadvancedtoken Project | 1 Bigcadvancedtoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13761 | 1 Netkilleradvancedtokenairdrop Project | 1 Netkilleradvancedtokenairdrop | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13762 | 1 Yumerium Project | 1 Yumerium | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13763 | 1 Ublasti Project | 1 Ublasti | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13764 | 1 Biqutoken Project | 1 Biqutoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13766 | 1 Easticoin Project | 1 Easticoin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13767 | 1 Cornerstone Project | 1 Cornerstone | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13770 | 1 Ultimatecoin Project | 1 Ultimatecoin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13769 | 1 Jeanstoken Project | 1 Jeanstoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13768 | 1 Ztoken Project | 1 Ztoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13774 | 1 Bitstarti Project | 1 Bitstarti | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13773 | 1 Netkillertoken Project | 1 Netkillertoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13772 | 1 Theflashtoken Project | 1 Theflashtoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13771 | 1 Exacorecontract Project | 1 Exacorecontract | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13780 | 1 Esh Project | 1 Esh | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13775 | 1 Rckt Coin Project | 1 Rckt Coin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13776 | 1 Appletoken Project | 1 Appletoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13777 | 1 Rrtoken Project | 1 Rrtoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13778 | 1 Cgctoken Project | 1 Cgctoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13779 | 1 Ylctoken Project | 1 Ylctoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13783 | 1 Jiucaitoken Project | 1 Jiucaitoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-14001 | 1 Sharktech Project | 1 Sharktech | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | |||||
| CVE-2018-13782 | 1 Entercoin Project | 1 Entercoin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13723 | 1 Servviziotoken Project | 1 Servviziotoken | 2018-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for SERVVIZIOToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2016-9387 | 1 Jasper Project | 1 Jasper | 2018-06-29 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure. | |||||
| CVE-2018-11239 | 1 Hexagontoken | 1 Hexagon | 2018-06-26 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in May 2018, aka the "burnOverflow" issue. | |||||
| CVE-2018-10706 | 1 Social-chain | 1 Social Chain | 2018-06-14 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue. | |||||
| CVE-2018-10973 | 1 Koreashow Project | 1 Koreashow | 2018-06-14 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters. | |||||
| CVE-2018-10376 | 1 Smartmesh | 1 Smartmesh | 2018-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in April 2018, aka the "proxyOverflow" issue. | |||||
| CVE-2016-5261 | 1 Mozilla | 1 Firefox | 2018-06-12 | 7.5 HIGH | 8.8 HIGH |
| Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering. | |||||
| CVE-2017-12109 | 1 Libxls Project | 1 Libxls | 2018-05-25 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-12108 | 1 Libxls Project | 1 Libxls | 2018-05-25 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2018-6917 | 1 Freebsd | 1 Freebsd | 2018-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data. | |||||
| CVE-2015-8895 | 1 Imagemagick | 1 Imagemagick | 2018-05-18 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. | |||||
| CVE-2018-5820 | 1 Google | 1 Android | 2018-05-08 | 7.5 HIGH | 7.3 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory for a local buffer and is not properly validated. This can potentially result in an integer overflow subsequently leading to a heap overwrite. | |||||
| CVE-2017-15836 | 1 Google | 1 Android | 2018-05-08 | 7.5 HIGH | 7.3 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it could result in an integer overflow which may potentially lead to a buffer overflow. | |||||
| CVE-2016-10159 | 1 Php | 1 Php | 2018-05-04 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive. | |||||
| CVE-2016-10168 | 1 Libgd | 1 Libgd | 2018-05-04 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. | |||||
| CVE-2014-2885 | 1 Truecrypt Project | 1 Truecrypt | 2018-04-20 | 3.6 LOW | 7.1 HIGH |
| Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c. | |||||
| CVE-2017-15325 | 1 Huawei | 10 Prague-al00a, Prague-al00a Firmware, Prague-al00b and 7 more | 2018-04-19 | 9.3 HIGH | 7.8 HIGH |
| The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. | |||||
| CVE-2017-12110 | 1 Libxls Project | 1 Libxls | 2018-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution. | |||||
| CVE-2017-7294 | 1 Linux | 1 Linux Kernel | 2018-04-12 | 7.2 HIGH | 7.8 HIGH |
| The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device. | |||||
| CVE-2017-16612 | 3 Canonical, Debian, X | 3 Ubuntu Linux, Debian Linux, Libxcursor | 2018-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0. | |||||
| CVE-2017-14887 | 1 Google | 1 Android | 2018-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of messages of type eWNI_SME_MODIFY_ADDITIONAL_IES, an integer overflow leading to heap buffer overflow may potentially occur. | |||||