15 matches found
Unsafe use of transfer()/transferFrom() with IERC20
Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and transferFrom functions on L1 do not return booleans as the specification...
Upgraded Q -> M from 796 [1666363133014]
Judge has assessed an item in Issue 796 as Medium risk. The relevant finding follows: L‑01 Use of transferFrom rather than safeTransferFrom for NFTs in will lead to the loss of NFTs The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER ...
Easy Trading Token Digital Error Vulnerability
Easy Trading Token ETT is an ethereum-based digital currency.An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in ETT's smart contract implementation. . An attacker can exploit this vulnerability to modify arbitrary amounts...
Pandora Digital Error Vulnerability
Pandora PDX is an ethereum-based digital currency.An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in the smart contract implementation of PDX. An attacker could exploit the vulnerability to set a user's balance to an arbitrary value...
ChuCunLingAIGO Digital Error Vulnerability
ChuCunLingAIGO CCLAG is an ethereum-based digital currency.The 'transfer' and 'transferFrom' functions in CCLAG's smart contract implementation suffer from an integer overflow vulnerability. An attacker could use this vulnerability to set a user's balance to an arbitrary value...
PFGc Number Error Vulnerability
PFGc is an ethereum-based digital currency.An integer overflow vulnerability exists in the smart contract implementation of PFGc in the 'transfer', 'transferFrom', and 'mint ' functions in the PFGc smart contract implementation suffer from an integer overflow vulnerability. An attacker could...
Bittelux Number Error Vulnerability
Bittelux BTX is an Ether-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in the smart contract implementation of BTX. No details of the vulnerability are provided at this time...
ChuCunLingAIGO Number Error Vulnerability
ChuCunLingAIGO CCLAG is an Ether-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions in CCLAG's smart contract implementation. No detailed vulnerability details are provided at this time...
CVE-2018-12230
An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin RMC, an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks...
Easy Trading Token Numeric Error Vulnerability
Easy Trading Token ETT is an Ether-based digital currency. An integer overflow vulnerability exists in the 'transfer' and 'transferFrom' functions of ETT's smart contract implementation. No detailed vulnerability details are provided at this time...
PT-2018-11750 · Bittelux · Bittelux
Name of the Vulnerable Software and Affected Versions: Bittelux BTX affected versions not specified Description: The issue concerns an integer overflow in the transfer and transferFrom functions of a smart contract implementation for Bittelux BTX, an Ethereum token. However, it is noted that this...
PT-2018-11628 · Pandora · Pandora
Name of the Vulnerable Software and Affected Versions: Pandora PDX affected versions not specified Description: The issue concerns an integer overflow in the transfer and transferFrom functions of a smart contract implementation for Pandora PDX, an Ethereum token. However, it is noted that this h...
PT-2018-11609 · Ethereum · Easy Trading Token
Name of the Vulnerable Software and Affected Versions: Easy Trading Token ETT affected versions not specified Description: The issue concerns an integer overflow in the transfer and transferFrom functions of a smart contract implementation for Easy Trading Token ETT, an Ethereum token. However, i...
FuturXE has an unspecified vulnerability
FuturXE FXE is an ethereum-based virtual currency. A security vulnerability exists in the 'transferFrom' function of the smart contract implementation in FXE, which stems from a logic error in the program. An attacker could exploit the vulnerability to make an unauthorized transfer of digital...
CVE-2018-11411
The transferFrom function of a smart contract implementation for DimonCoin FUD, an Ethereum ERC20 token, allows attackers to steal assets e.g., transfer all victims' balances into their account because certain computations involving value are incorrect...