13 matches found
EUVD-2018-3366
Malware in sbrugna...
EUVD-2018-4926
Malware in sbrugna...
EUVD-2018-6609
Malware in sbrugna...
EUVD-2018-4838
Malware in sbrugna...
EUVD-2018-9726
Malware in sbrugna...
CVE-2018-17987
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUMTILES equals the number of people who purchased a tile, which allows an attacker to control the...
CVE-2018-17987
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUMTILES equals the number of people who purchased a tile, which allows an attacker to control the...
CVE-2018-17987
HashHeroes Tiles is affected by CVE-2018-17987 in the determineWinner function of its Ethereum smart contract. The vulnerability arises from using a blockhash value to generate a random number when NUM_TILES equals the number of tile Purchases, enabling an attacker to influence the prize by being...
Design/Logic Flaw
The random function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's blockhash, and a private variable which can be read with a getStorageAt call. Therefore, attackers can...
CVE-2018-12885
No technical details about CVE-2018-12885 are present in the provided connected documents. Technical specifics, affected products, or remediation are not publicly available here; monitor for updates.
CVE-2018-14715
The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game...
CVE-2018-11329
CVE-2018-11329 concerns the Ether Cartel smart contract, where the public function named DrugDealer governs ownership (ceoAddress). The vulnerability stems from this function acting as a constructor but incorrectly named, enabling an attacker to seize control of the contract and subsequently mani...
VulnCheck KEV: CVE-2018-11329
The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets including Ether balance and tokens might be manipulated by the attackers, as exploited in...