55 matches found
EUVD-2018-4065
Malware in sbrugna...
EUVD-2018-4051
Malware in sbrugna...
EUVD-2018-4060
Malware in sbrugna...
EUVD-2018-4053
Malware in sbrugna...
EUVD-2018-4062
Malware in sbrugna...
EUVD-2018-4046
Malware in sbrugna...
Full Disclosure of Highly-Manipulatable, tradeTrap-Affected ERC20 Tokens in Multiple Top Exchanges(CVE-2018-11446)
Update: 2018-06-12 The BMB BMB contract 0x0e935e976a47342a4aee5e32ecf2e7b59195e82f is NOT affected by tradeTrap. We sincerely apology for mistakenly listing it as a vulnerable ERC20 token. Quoted from our last blog 1, “publicly tradable ERC-20 tokens have considerable high market value. Various...
Unspecified Vulnerability in Fujinto tradeTrap
Fujinto NTO is a tradable Ether ERC20 token. A security vulnerability exists in Fujinto tradeTrap. The vulnerability stems from the fact that Fujinto's smart contract implementation of the mintToken function does not have an expiration date. The vulnerability can be exploited by the owner to...
Unspecified vulnerability in Substratum tradeTrap
Substratum SUB is a tradable Ether ERC20 token. A security vulnerability exists in Substratum tradeTrap. The vulnerability stems from a parametric multiplication overflow and a manipulable variable sellPrice, which can be exploited by an attacker to cause financial loss to the seller...
Unspecified Vulnerability in BitAsean tradeTrap
BitAsean BAS is a tradable Ether ERC20 token. A security vulnerability exists in BitAsean tradeTrap. The vulnerability stems from the fact that the mintToken function of BitAsean BAS's smart contract implementation has no expiration date constraints. The vulnerability could be exploited by an own...
Unspecified Vulnerability in SwftCoin tradeTrap
SwftCoin SWFTC is a tradable Ether ERC20 token. SwftCoin suffers from a tradeTrap vulnerability. The vulnerability stems from a parametric multiplication overflow and a manipulable variable sellPrice, which can be exploited by an attacker to cause financial loss to the seller...
Design/Logic Flaw
The mintToken function of a smart contract implementation for Fujinto NTO, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...
Buffer overflow
The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the...
CVE-2018-12078
The mintToken function of a smart contract implementation for PolyAI AI, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...
CVE-2018-11446
The buy function of a smart contract implementation for Gold Reward GRX, an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the...
CVE-2018-12081
The mintToken function of a smart contract implementation for Target Coin TGT, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...
Code injection
The mintToken function of a smart contract implementation for Internet Node Token INT, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...
Buffer overflow
The buy function of a smart contract implementation for Gold Reward GRX, an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the...
Design/Logic Flaw
The mintToken function of a smart contract implementation for Target Coin TGT, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...
Code injection
The mintToken function of a smart contract implementation for Substratum SUB, a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue...