CVE-2018-12454
The CVE-2018-12454 entry concerns the _addguess function of the simplelottery contract in 1000 Guess. The root cause is the use of publicly readable variables (block data) combined with a private variable (readable via getStorageAt) to generate the random value. This allows an attacker to predict...