15 matches found
EUVD-2018-2776
Malware in sbrugna...
EUVD-2018-4655
Malware in sbrugna...
EUVD-2018-4481
Malware in sbrugna...
EUVD-2018-3588
Malware in sbrugna...
EUVD-2018-8889
Malware in sbrugna...
EUVD-2018-2373
Malware in sbrugna...
CVE-2021-34270
An integer overflow in the mintToken function of a smart contract implementation for Doftcoin Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses...
CVE-2021-33403
An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction...
CVE-2021-33403
The CVE concerns LNCToken (Lancer Token), an Ethereum ERC-20 token. The vulnerability is an integer overflow in the transfer function of the smart contract, which could allow the owner to cause unexpected financial losses between two large accounts during a transaction. The connected sources (inc...
Code injection
The ToOwner function of a smart contract implementation for Cryptbond Network CBN, an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity...
CVE-2018-11687
An integer overflow in the distributeBTR function of a smart contract implementation for Bitcoin Red BTCR, an Ethereum ERC20 token, allows the owner to accomplish an unauthorized increase of digital assets by providing a large address array, as exploited in the wild in May 2018, aka the...
CVE-2018-12083
The mintToken function of a smart contract implementation for GOAL Bonanza GOAL, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...
Buffer overflow
The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the...
Design/Logic Flaw
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...
CVE-2018-12702
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem GVE, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer the contract's balances into their account because the callcode i.e., spender.callextraData is not verified, aka the...