Lucene search
+L

7 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4655

Malware in sbrugna...

7.5CVSS7.6AI score0.01094EPSS
Exploits2References3
cnvd
cnvd
added 2020/05/06 12:0 a.m.2 views

Logic flaw vulnerability in Globalvillage ecosystem

Globalvillage ecosystem GVE is a virtual currency system based on blockchain technology.A security vulnerability exists in the 'approveAndCallcode' function in GVE's smart contract implementation, which stems from the program's failure to validate the callcode. The vulnerability can be exploited ...

6.9AI score
Exploits0
cnvd
cnvd
added 2018/06/26 12:0 a.m.4 views

Globalvillage ecosystem evilReflex has an unspecified vulnerability.

Globalvillage ecosystem GVE is a virtual currency system based on blockchain technology. A security vulnerability exists in the 'approveAndCallcode' function in GVE's smart contract implementation, which stems from the program's failure to validate the callcode.An attacker could use this...

7.5CVSS7.5AI score0.01094EPSS
Exploits2References1
prion
prion
added 2018/06/25 10:29 a.m.12 views

Design/Logic Flaw

The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...

5CVSS7.4AI score0.01094EPSS
Exploits2References2
nvd
nvd
added 2018/06/25 10:29 a.m.19 views

CVE-2018-12702

The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...

7.5CVSS7.4AI score0.01094EPSS
Exploits2References2
cvelist
cvelist
added 2018/06/25 10:0 a.m.22 views

CVE-2018-12702

The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...

7.5AI score0.01094EPSS
Exploits2References2
cve
cve
added 2018/06/25 10:0 a.m.57 views

CVE-2018-12702

The CVE-2018-12702 entry concerns Globalvillage ecosystem (GVE) ERC20 contracts where approveAndCallcode allows an attacker to hijack a callback via a non-verified _spender.call(_extraData), enabling token transfers from the vulnerable contract (evilReflex). Connected sources describe the mechani...

7.5CVSS7.4AI score0.01094EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder