Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/04/06 5:2 p.m.16 views

CVE-2026-35042 fast-jwt accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)

fast-jwt provides fast JSON Web Token JWT implementation. In 6.1.0 and earlier, fast-jwt does not validate the crit Critical Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that fast-jwt does not understand, the library accepts the token...

7.5CVSS0.00155EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/13 8:5 p.m.4 views

EUVD-2026-11728

PyJWT accepts unknown crit header extensions...

7.5CVSS5.8AI score0.00269EPSS
Exploits1References1
CVE
CVE
added 2025/09/30 12:0 a.m.11 views

CVE-2025-56207

The CVE-2025-56207 entry concerns Money Making Opportunity (MMO), an Ethereum ERC-721 NFT project. The vulnerability is in the contract’s _transfer function, which can cause NFTs to be sent to the zero address, resulting in permanent asset loss and ERC-721 non-compliance. Affected details include...

6.5CVSS6.4AI score0.00306EPSS
Exploits0References1
PyPA
PyPA
added 2022/07/29 9:15 p.m.5 views

PYSEC-2022-43072

An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the...

7.5CVSS7AI score0.00734EPSS
Exploits0References2Affected Software1
Code423n4
Code423n4
added 2021/10/05 12:0 a.m.8 views

Erc20.transferFrom() return value is ignored

Handle pants Vulnerability details According to the ERC-20 Token Standard, the function transferFrom returns false on failure. However, the return value of Erc20.transferFrom is ignored 11 times: 1. In Swivel.initiateVaultFillingZcTokenInitiate, line 103. 2. In...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/10/05 12:0 a.m.6 views

Erc20.approve() return value is ignored

Handle pants Vulnerability details According to the ERC-20 Token Standard, the function approve returns false on failure. However, the return value of Erc20.approve is ignored 3 times: 1. In Swivel.initiateVaultFillingZcTokenInitiate, line 109. 2. In Swivel.initiateZcTokenFillingVaultInitiate, li...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/07/12 12:0 a.m.2 views

ERC20_ICO Integer Overflow Vulnerability

ERC20ICO is an Ether-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function in the smart contract implementation of ERC20ICO. An attacker could use this vulnerability to set the balance of any user to an arbitrary value...

7.5CVSS7.7AI score0.01094EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/10 12:0 a.m.3 views

BiteduToken Integer Overflow Vulnerability

BiteduToken is a tradable Ether ERC20 token. An integer overflow vulnerability exists in the mintToken function of BiteduToken's smart contract implementation. The vulnerability can be exploited by the contract owner to set the balance of any user to any value...

7.5CVSS7.6AI score0.01094EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/10 12:0 a.m.2 views

STCToken Integer Overflow Vulnerability

STCToken is a tradable Ether ERC20 token. An integer overflow vulnerability exists in the mintToken function of STCToken's smart contract implementation. The vulnerability can be exploited by the contract owner to set the balance of any user to any value...

7.5CVSS7.6AI score0.01094EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/10 12:0 a.m.3 views

ISeeVoiceToken Integer Overflow Vulnerability

ISeeVoiceToken is a tradable Ether ERC20 token. An integer overflow vulnerability exists in the mintToken function of ISeeVoiceToken's smart contract implementation. The vulnerability can be exploited by the contract owner to set the balance of any user to any value...

7.5CVSS7.6AI score0.01094EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/05 12:0 a.m.1 views

ProvidenceCasino Integer Overflow Vulnerability

ProvidenceCasino PVE is a tradable Ether ERC20 token. An integer overflow vulnerability exists in the sell function of ProvidenceCasino PVE's smart contract implementation where "amount sellPrice" can be zero. An attacker could exploit the vulnerability to reduce the seller's assets...

7.5CVSS7.1AI score0.00988EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/03 12:0 a.m.3 views

IADOWR Coin Integer Overflow Vulnerability

IADOWR Coin IAD is a tradable Ether ERC20 token. An integer overflow vulnerability exists in the mintToken function of IADOWR Coin's smart contract implementation. The vulnerability can be exploited by the contract owner to set the balance of any user to any value...

7.5CVSS7.6AI score0.00926EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2018/04/28 12:0 a.m.3 views

VulnCheck KEV: CVE-2018-10468

The transferFrom function of a smart contract implementation for Useless Ethereum Token UET, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer all victims' balances into their account because certain computations involving value are incorrect, as exploited in the...

7.5CVSS7.1AI score0.01595EPSS
Exploits3References1
Rows per page
Query Builder