
50 matches found

OSV
added 2026/01/05 7:57 p.m. | 1 view

GHSA-HQF9-8XV5-X8XW ERC7984ERC20Wrapper: once a wrapper is filled, subsequent wrap requests do not revert and result in loss of funds.

Impact The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently...

CVSS 8.7 | AI score 6.8
Exploits 0 | References 2
Positive Technologies
added 2026/01/05 12:0 a.m. | 0 views

PT-2026-3200

Impact The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently...

CVSS 8.7 | AI score 6.8
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-4061

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00237
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-4065

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00237
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-4060

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00237
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2018-10153

Malware in sbrugna...

CVSS 6.5 | AI score 6.6 | EPSS 0.00193
Exploits 1 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-4062

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00237
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-4064

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00237
Exploits 0 | References 2
RedhatCVE
added 2025/05/22 6:51 a.m. | 3 views

CVE-2018-18425

The doAirdrop function of a smart contract implementation for Primeo PEO, an Ethereum token, does not check the numerical relationship between the amount of the air drop and the token's total supply, which lets the owner of the contract issue an arbitrary amount of currency. Increasing the total...

CVSS 6.5 | AI score 7.1 | EPSS 0.00193
Exploits 1 | References 1
Code423n4
added 2023/11/13 12:0 a.m. | 5 views

The reentrancy vulnerability in NextGenCore can allow an attacker to manipulate minting execution

Lines of code Vulnerability details Impact Function mintProcessing has been used in mint and airDropTokens, and neither follows the check-effect-interaction pattern; the code updates the values of tokensAirdropPerAddress, tokensMintedAllowlistAddress and tokensMintedPerAddress variables after makin...

AI score 7.3
Exploits 0
Code423n4
added 2023/10/30 12:0 a.m. | 10 views

StakedUSDe.totalSupply() may decrease below MIN_SHARES by StakedUSDe.redistributeLockedAmount.

Lines of code Vulnerability details Impact StakedUSDe runs checkMinShares in deposit and withdraw to keep the totalSupply more than MIN_SHARES, 1e18. It is to prevent an ERC4626 inflation attack. However, StakedUSDe.redistributeLockedAmount(user, address(0)) burns all the user's shares and decreases t...

AI score 7.2
Exploits 0
Code423n4
added 2023/10/25 12:0 a.m. | 9 views

Price inflation pump

Lines of code Vulnerability details Impact AfEth price can be inflated until severe rounding errors occur. Proof of concept Deposit in AfEth such that totalValue == 1 and thus 1 afEth is minted. Then AfEth.price will be in the open interval $(1,2)$ (AfEth.price $= 1$ is extremely unlikely). Deposit i...

AI score 6.9
Exploits 0
Code423n4
added 2023/08/28 12:0 a.m. | 5 views

Improper handling of cases when total supply = 0

Lines of code Vulnerability details Impact Improper handling of cases when total supply = 0; the AMM engine may not be started. Proof of Concept Consider a vault that uses Shell as its AMM engine. At the start, the vault has 0 X and Y balance and someone tries to deposit tokens to it; this process will...

AI score 6.8
Exploits 0
Code423n4
added 2023/08/10 12:0 a.m. | 11 views

getPastCirculatingSupply() returns the ARB token supply instead of circulating votes supply

Lines of code Vulnerability details Bug Description In ArbitrumGovernorVotesQuorumFractionUpgradeable, the getPastCirculatingSupply function is used when calculating quorum for proposals: ArbitrumGovernorVotesQuorumFractionUpgradeable.solL31-L35 /// @notice Get "circulating" votes supply; i.e.,...

AI score 6.8
Exploits 0
HackRead
added 2023/06/07 2:44 p.m. | 9 views

Sweat Economy Gives Power to Community over 2 Billion SWEAT Tokens

By Waqas These 2 billion SWEAT tokens, which make up around 13% of the total supply, have been locked in… This is a post from HackRead.com Read the original post: Sweat Economy Gives Power to Community over 2 Billion SWEAT Tokens...

AI score 7.1
Exploits 0
Code423n4
added 2023/03/30 12:0 a.m. | 10 views

An attacker can manipulate the preDepositvePrice to steal from other users.

Lines of code Vulnerability details Impact The first user that stakes can manipulate the total supply of sfTokens and by doing so create a rounding error for each subsequent user. In the worst case, an attacker can steal all the funds of the next user. Proof of Concept When the first user enters...

AI score 6.7
Exploits 0
Code423n4
added 2023/02/20 12:0 a.m. | 11 views

Artificial Inflation of Interest-Bearing Balances

Lines of code Vulnerability details Impact It is possible to artificially inflate one's balance, compromising the integrity of the KIB token entirely. The vulnerability arises from how the balances are updated and utilize "stale" values that were loaded into memory. As such, a self-transfer would...

AI score 6.8
Exploits 0
Code423n4
added 2023/01/27 12:0 a.m. | 11 views

ERC1155Enumerable._removeTokenEnumeration() checks the removal condition wrongly.

Lines of code Vulnerability details Impact ERC1155Enumerable._removeTokenEnumeration checks the removal condition wrongly. As a result, the tokens with 0 total supply won't be removed from allTokens array at all. Proof of Concept _removeTokenEnumeration checks the removal condition like below when ...

AI score 6.8
Exploits 0
Code423n4
added 2023/01/25 12:0 a.m. | 4 views

Unchecked Token Minting: A Critical Vulnerability in Timeswap V2 Token Contract

Lines of code Vulnerability details Impact It allows an attacker to mint new tokens without proper checks and validations, which can result in an inflation of the total supply of tokens and a loss of funds for the contract's owner or users. The contract's "mint" function allows the attacker to mi...

AI score 6.7
Exploits 0
Code423n4
added 2023/01/20 12:0 a.m. | 7 views

Redemptions during undercollateralization can be hot-swapped to steal all funds

Lines of code Vulnerability details Impact During recollateralization/a switch basket/when the protocol collateral isn't sound, a user can have almost their entire redemption transaction hot swapped for nothing. For example, trying to redeem 1M collateral for 1M rTokens could have the user end up...

AI score 6.7
Exploits 0