7 matches found
EUVD-2018-4655
Malware in sbrugna...
Logic flaw vulnerability in Globalvillage ecosystem
Globalvillage ecosystem GVE is a virtual currency system based on blockchain technology.A security vulnerability exists in the 'approveAndCallcode' function in GVE's smart contract implementation, which stems from the program's failure to validate the callcode. The vulnerability can be exploited ...
Globalvillage ecosystem evilReflex has an unspecified vulnerability.
Globalvillage ecosystem GVE is a virtual currency system based on blockchain technology. A security vulnerability exists in the 'approveAndCallcode' function in GVE's smart contract implementation, which stems from the program's failure to validate the callcode.An attacker could use this...
Design/Logic Flaw
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...
CVE-2018-12702
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...
CVE-2018-12702
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...
CVE-2018-12702
The CVE-2018-12702 entry concerns Globalvillage ecosystem (GVE) ERC20 contracts where approveAndCallcode allows an attacker to hijack a callback via a non-verified _spender.call(_extraData), enabling token transfers from the vulnerable contract (evilReflex). Connected sources describe the mechani...