Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13780 | 1 Esh Project | 1 Esh | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13776 | 1 Appletoken Project | 1 Appletoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13777 | 1 Rrtoken Project | 1 Rrtoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13775 | 1 Rckt Coin Project | 1 Rckt Coin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13778 | 1 Cgctoken Project | 1 Cgctoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13783 | 1 Jiucaitoken Project | 1 Jiucaitoken | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-14001 | 1 Sharktech Project | 1 Sharktech | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | |||||
| CVE-2018-13782 | 1 Entercoin Project | 1 Entercoin | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13723 | 1 Servviziotoken Project | 1 Servviziotoken | 2018-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for SERVVIZIOToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2017-18257 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-07-03 | 4.9 MEDIUM | 5.5 MEDIUM |
| The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | |||||
| CVE-2016-9262 | 1 Jasper Project | 1 Jasper | 2018-06-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. | |||||
| CVE-2016-9387 | 1 Jasper Project | 1 Jasper | 2018-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure. | |||||
| CVE-2018-11239 | 1 Hexagontoken | 1 Hexagon | 2018-06-26 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in May 2018, aka the "burnOverflow" issue. | |||||
| CVE-2018-10706 | 1 Social-chain | 1 Social Chain | 2018-06-14 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue. | |||||
| CVE-2018-10973 | 1 Koreashow Project | 1 Koreashow | 2018-06-14 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters. | |||||
| CVE-2018-10376 | 1 Smartmesh | 1 Smartmesh | 2018-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in April 2018, aka the "proxyOverflow" issue. | |||||
| CVE-2016-5261 | 1 Mozilla | 1 Firefox | 2018-06-11 | 7.5 HIGH | 8.8 HIGH |
| Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering. | |||||
| CVE-2018-11590 | 1 Espruino | 1 Espruino | 2018-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection on Linux in jsutils.c. | |||||
| CVE-2018-6917 | 1 Freebsd | 1 Freebsd | 2018-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data. | |||||
| CVE-2015-8895 | 1 Imagemagick | 1 Imagemagick | 2018-05-17 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. | |||||