CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1208 matches found

Snyk•added 2026/05/06 7:57 p.m.•4 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score

Exploits0References2

RedhatCVE•added 2026/01/09 12:24 p.m.•7 views

CVE-2018-14085

An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit uint public start; function...

7.5CVSS6.9AI score0.00237EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:23 p.m.•3 views

CVE-2018-14089

An issue was discovered in a smart contract implementation for VirgoZodiacToken, an Ethereum token. In this contract, 'bool sufficientAllowance = allowance =' which was intended. An attacker can transfer from any address to his address, and does not need to meet the 'allowance value' condition...

7.5CVSS7AI score0.00237EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:23 p.m.•7 views

CVE-2018-14086

An issue was discovered in a smart contract implementation for SingaporeCoinOrigin SCO, an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices then the "amount sellPrice" will cause an integer overflow in sell...

9.8CVSS7.2AI score0.00411EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:22 p.m.•4 views

CVE-2018-14084

An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices then the "amount sellPrice" will cause an integer overflow in sell...

9.8CVSS7.2AI score0.00411EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:26 a.m.•3 views

CVE-2021-33403

An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction...

7.5CVSS7.1AI score0.00213EPSS

Exploits1References1