127 matches found
Erc20.transfer() return value is ignored
Handle: pants. Vulnerability details: According to the ERC-20 Token Standard, the function transfer returns false on failure. However, the return value of Erc20.transfer is ignored 8 times: 1. In Swivel.exitVaultFillingZcTokenExit, line 313. 2. In Swivel.exitVaultFillingZcTokenExit, line 315. 3. In...
Rewards accumulated can stay constant and often not increment
Handle: moose-code. Vulnerability details. Impact: rewardsPerToken.accumulated can stay constant while rewardsPerToken.lastUpdated is continually updated, leading to no actual rewards being distributed. I.e. no rewards accumulate. Proof of Concept: Line 115, rewardsPerToken.accumulated could stay...
Unchecked return value from transfer()
Handle: JMukesh. Vulnerability details. Impact: It is usually good to add a require-statement that checks the return value or to use something like safeTransfer; unless one is sure the given token reverts in case of a failure. Proof of Concept. Tools Used: manual review. Recommended Mitigation Steps: che...
CVE-2021-33403
An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction...
instead of call(), transfer() is used to withdraw the ether
Handle: JMukesh. Vulnerability details. Impact: function withdraw(uint amount) external { require(amount <= ethBalance[msg.sender]); ethBalance[msg.sender] = ethBalance[msg.sender].sub(amount); msg.sender.transfer(amount); emit Withdraw(msg.sender, amount); } To withdraw eth it uses transfer, this transaction will fail...
Bypass or reduction on the lockup period of Pool FDTs.
Handle: shw. Vulnerability details: Editing on a previous submission to clarify more details. Impact: In Pool.sol, the lockup restriction of withdrawal Pool.sol396 can be bypassed or reduced if new liquidity providers cooperate with existing ones. Proof of Concept: 1. A liquidity provider, Alice,...
Pandora Digital Error Vulnerability
Pandora PDX is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in the smart contract implementation of PDX. An attacker could exploit the vulnerability to set a user's balance to an arbitrary value...
Linux kernel denial of service vulnerability (CNVD-2020-28264)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/spi/spi-dw.c file in Linux kernel versions prior to 5.4.17. An attacker can exploit this vulnerability to cause a denial...
Easy Trading Token Digital Error Vulnerability
Easy Trading Token ETT is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in ETT's smart contract implementation. An attacker can exploit this vulnerability to modify arbitrary amounts...
Pandora Digital Error Vulnerability
Pandora PDX is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in the smart contract implementation of PDX. An attacker could exploit the vulnerability to set a user's balance to an arbitrary value...
PFGc Number Error Vulnerability
PFGc is an ethereum-based digital currency. The 'transfer', 'transferFrom', and 'mint' functions in the PFGc smart contract implementation suffer from an integer overflow vulnerability. An attacker could...
ChuCunLingAIGO Digital Error Vulnerability
ChuCunLingAIGO CCLAG is an ethereum-based digital currency. The 'transfer' and 'transferFrom' functions in CCLAG's smart contract implementation suffer from an integer overflow vulnerability. An attacker could use this vulnerability to set a user's balance to an arbitrary value...
Logic Flaw Vulnerability in FuturXE
FuturXE FXE is an ethereum-based virtual currency. A security vulnerability exists in the 'transferFrom' function in FXE's smart contract implementation, which stems from a logic error in the program. An attacker could exploit the vulnerability to make an unauthorized transfer of digital assets...
CVE-2018-14779
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpiv_transfer_data(): if(*out_len + recv_len - 2 > max_out) { fprintf(stderr, "Output buffer to small, wanted to write %lu, max was %lu.", *out_len +...
Integer overflow
An integer overflow vulnerability exists in the function transfertokensafterICO of GlobeCoin GLB, an Ethereum token smart contract. An attacker could use it to set any user's balance...
Bittelux Number Error Vulnerability
Bittelux BTX is an Ether-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in the smart contract implementation of BTX. No details of the vulnerability are provided at this time...
ChuCunLingAIGO Number Error Vulnerability
ChuCunLingAIGO CCLAG is an Ether-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in CCLAG's smart contract implementation. No vulnerability details are provided at this time...
Easy Trading Token Numeric Error Vulnerability
Easy Trading Token ETT is an Ether-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions of ETT's smart contract implementation. No vulnerability details are provided at this time...
PT-2018-11750 · Bittelux · Bittelux
Name of the Vulnerable Software and Affected Versions: Bittelux BTX (affected versions not specified). Description: The issue concerns an integer overflow in the transfer and transferFrom functions of a smart contract implementation for Bittelux BTX, an Ethereum token. However, it is noted that this...
PT-2018-11751 · Chucunlingaigo · Cclag
Name of the Vulnerable Software and Affected Versions: ChuCunLingAIGO CCLAG (affected versions not specified). Description: The issue concerns an integer overflow in the transfer and transferFrom functions of a smart contract implementation for an Ethereum token. It is noted that this issue has been...