Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-4039

Malware in sbrugna...

7.5CVSS7.6AI score0.01675EPSS
Exploits0References5
Prion
Prion
added 2018/10/23 9:30 p.m.16 views

Code injection

A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a random value that is predictable via an external contract call. The developer used the extcodesize function to prevent a malicious contract from being called, but the attacker can bypass it by writing t...

5CVSS7.5AI score0.01637EPSS
Exploits1References1
Prion
Prion
added 2018/09/18 9:29 p.m.16 views

Design/Logic Flaw

The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entrynumber. This variable is private, yet it is readable by eth.getStorageAt function. Also, attackers can purchase a tick...

5CVSS7.5AI score0.01208EPSS
Exploits1References1
Prion
Prion
added 2018/08/15 5:29 p.m.13 views

Design/Logic Flaw

The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling game, generates a random value with publicly readable variables because the seed value can be retrieved with a getStorageAt call. Therefore, it allows attackers to always win and get rewards...

5CVSS7.5AI score0.01675EPSS
Exploits0References2
Prion
Prion
added 2018/06/17 12:29 p.m.23 views

Information disclosure

The addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable which can be read with a getStorageAt call. Therefore, it allows...

5CVSS7.3AI score0.01253EPSS
Exploits1References1
NVD
NVD
added 2018/06/17 12:29 p.m.31 views

CVE-2018-12454

The addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable which can be read with a getStorageAt call. Therefore, it allows...

7.5CVSS7.3AI score0.01253EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/06/17 12:0 p.m.36 views

CVE-2018-12454

The addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable which can be read with a getStorageAt call. Therefore, it allows...

7.4AI score0.01253EPSS
Exploits1References1
Rows per page
Query Builder