DestiNeed (DSN) Integer Overflow Vulnerability

DestiNeed DSN is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in DSN's smart contract implementation. An attacker could use this vulnerability to prevent the seller from accessing the assets due to the exchange...

CTB Integer Overflow Vulnerability

CTB is an Ether-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function of the smart contract implementation in CTB. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...

MoxyOnePresale Integer Overflow Vulnerability

MoxyOnePresale is a smart contract that runs on Ether. An integer overflow vulnerability exists in the mint function in MoxyOnePresale. An attacker could use this vulnerability to arbitrarily retrieve casting tokens...

Ether Cartel Unauthorized Operation Vulnerability

Ether Cartel is a blockchain-based pharmaceutical simulation game. A security vulnerability exists in the 'DrugDealer' function of the smart contract implementation in Ether Cartel. An attacker could use the vulnerability to take control of the contract's ownership and potentially manipulate...

CVE-2018-11329

The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets including Ether balance and tokens might be manipulated by the attackers, as exploited in the wi...

Code injection

The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets including Ether balance and tokens might be manipulated by the attackers, as exploited in the wi...

CVE-2018-11329

The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets including Ether balance and tokens might be manipulated by the attackers, as exploited in the wi...

CVE-2018-11329

The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets including Ether balance and tokens might be manipulated by the attackers, as exploited in the wi...

Unspecified vulnerability in ROC 'request_divend' function

ROC aka Rasputin Online Coin is a virtual currency. There is a security vulnerability in the 'requestdivend' function in ROC's smart contract implementation. An attacker could use this vulnerability to steal the entire contract's Ether...

Design/Logic Flaw

The requestdividend function of a smart contract implementation for ROC aka Rasputin Online Coin, an Ethereum ERC20 token, allows attackers to steal all of the contract's Ether...

CVE-2018-10944

The requestdividend function of a smart contract implementation for ROC aka Rasputin Online Coin, an Ethereum ERC20 token, allows attackers to steal all of the contract's Ether...

CVE-2018-10944

The requestdividend function of a smart contract implementation for ROC aka Rasputin Online Coin, an Ethereum ERC20 token, allows attackers to steal all of the contract's Ether...

Yikes! Three armed men tried to rob a Bitcoin Exchange in Canada

As many non-tech savvy people think that Bitcoin looks like a Gold coin as illustrated in many stock images, perhaps these robbers also planned to rob a cryptocurrency exchange thinking that way. All jokes apart, we saw one such attempt on Tuesday morning, when three men armed with handguns enter...

The vulnerability of the `usbnet_generic_cdc_bind` function (drivers/net/usb/cdc_ether.c) in the Linux kernel allows a attacker to cause a service failure or exert other effects.

The vulnerability of the usbnetgenericcdcbind function located in the drivers/net/usb/cdcether.c file in the Linux kernel arises due to errors during the zero-division operation. Exploitation of this vulnerability can allow an attacker, operating locally, to cause service failures or other effect...

Hundreds of Millions in Digital Currency Remains Frozen

Between $150 million and $300 million in digital currency called ether remains inaccessible today after a user said he “accidentally” triggered a vulnerability that froze the funds in the popular Parity wallet. Parity Technologies issued an advisory warning users about the flaw in the Parity Wall...

Oh, Crap! Someone Accidentally Triggered A Flaw That Locked Up $280 Million In Ethereum

Horrible news for some Ethereum users. About $300 million worth of Ether—the cryptocurrency unit that has become one of the most popular and increasingly valuable cryptocurrencies—from dozens of Ethereum wallets was permanently locked up today. Smart contract coding startup Parity Technologies,...

CVE-2017-14003

An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link ESL running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass...

Authentication flaw

An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link ESL running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass...

CVE-2017-14003

An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link ESL running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass...

CVE-2017-14003

The CVE-2017-14003 issue affects LAVA Computer MFG Ether-Serial Link (ESL) devices running firmware 6.01.00/29.03.2007 and earlier. An improper authentication vulnerability allows an attacker with the same IP address to bypass authentication by accessing a specific resource locator, effectively e...