Cisco Security Advisories and Alerts published on Wed 18th Jul 2018.

July 19, 2018 admin Leave a comment

Cisco Policy Suite for Mobile is a carrier-grade policy, charging, and subscriber data management solution. It helps service providers rapidly create and bring services to market, deliver a positive user experience, and optimize network resources. It also generates monetization opportunities across 3G, 4G, and LTE access networks as well as IP Multimedia Subsystem (IMS) service architectures.

Seems this round will make ISP busy!

Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability (CVE-2018-0376) – Critical

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access

Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability (CVE-2018-0377) – Critical

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access

Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability (CVE-2018-0374) – Critical

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access

Cisco Policy Suite Cluster Manager Default Password Vulnerability (CVE-2018-0375) – Critical

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-cm-default-psswrd

Uncategorized

Jul 2018 – What’s up involving LabCorp Cyber Security incident ?

July 19, 2018 admin Leave a comment

Headline News said a global laboratory company suspect encounter cyber attack this month (Jul 2018). LabCorp a leading global life sciences company, aim to provides diagnostic, drug development and technology-enabled solutions for more than 115 million patient encounters per year. As of today, we did not heard any official announce the details. However the news on article given hints to speculated the root cause. The company insider senior managers were informed that the entire computer network of LabCorp, a Fortune 500 company, was shut down across the US Sunday morning after hackers tried to access the private medical records of millions of people.

Regarding to this unconfirmed cyber attack incident, can you still remember CVE-2018-10593 and CVE-2018-10595. What if attacker hunt the staff from LabCorp go through phishing email or send malicious MS Word document. It luck to evade the antivirus and firewall IPS. Then conduct the design weakness of BD Kiestra system vulnerabilities (CVE-2018-10593 and CVE-2018-10595). It looks that one of the data breach scenario will be successful establish.

A VULNERABILITY FOUND IN BECTON DICKINSON DB MANAGER (CVE-2018-10593 AND CVE-2018-10595)

A vulnerability found in becton dickinson DB Manager (CVE-2018-10593 and CVE-2018-10595)

Headline News:

EXCLUSIVE: Hackers have breached the network at LabCorp – one of the largest diagnostic blood testing laboratories in the US – sparking fears of exposing MILLIONS of patients’ private medical records

http://www.dailymail.co.uk/news/article-5959021/LabCorp-blood-testing-labs-hacked-sparking-fears-exposing-MILLIONS-patients-records.html

FBI Aware Of ‘Reports Of Ransomware Attack’ Involving LabCorp Security Breach

https://www.wfmynews2.com/article/news/fbi-aware-of-reports-of-ransomware-attack-involving-labcorp-security-breach/83-574887499

Potential Risk of CVE

Have you heard CVE-20170-5645? Oracle critical patch update advisory – July 2018.

July 18, 2018 admin Leave a comment

Background

Java programming language sometimes look like a accomplice. The Java Sandbox, which attempts to enforce a privilege model that permits safe execution of untrusted code, and is most famously used to permit the automatic execution of Java Applets in a browser.

Vulnerability details

Apache Log4j is a Java-based logging utility. Log4j is one of several Java logging frameworks. A design flaw found on Oracle products, Log4j has possibility then let vulnerabilities remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

Sample of using the Log4j Library

public class Jangles {

private static Log log = LogFactory.getLog(Jangles.class);
Public static void main(String[] args){
log.info("This is a testing message.");
if(log.isDebugEnabled()){
log.debug("This is a testing message.");
}
}
}

Above sample will enable Log4j to control the output of other libraries which use Apache Commons Logging like the Java Caching System.
So, do you think this is the root causes hits the vulnerability?

Perhaps this vulnerability reference number go back 2017. However Oracle Critical Patch Update Advisory on July 2018 still has status update of this vulnerability. If you are the Oracle product user, you must stay alert. You should stay alert!

Vulnerability detail:

This vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

Official announcement hyperlink shown as below:

Oracle Critical Patch Update Advisory – July 2018 – http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixEM

Affected Products version and vulnerability details :

CVE	Product	Component	Remote Exploit without Auth.?	Base score	Supported Versions Affected
CVE-2017-5645	Enterprise Manager Base Platform	Installer (Apache Log4j)	Yes	9.8	12.1.0.5, 13.2.x
CVE-2017-5645	Enterprise Manager Base Platform	Security Framework (Apache Log4j)	Yes	9.8	12.1.0.5, 13.2.x
CVE-2017-5645	Enterprise Manager for Fusion Middleware	Application Replay (Apache Log4j)	Yes	9.8	12.1.0.5, 13.2.x
CVE-2017-5645	Enterprise Manager for Fusion Middleware	FMW Plugin for CC (Apache Log4j)	Yes	9.8	12.1.0.5, 13.2.x
CVE-2017-5645	Enterprise Manager for MySQL Database	EM Plugin: General (Apache Log4j)	Yes	9.8	13.2.2.0.0 and prior
CVE-2017-5645	Enterprise Manager for Oracle Database	Provisioning (Apache Log4j)	Yes	9.8	12.1.0.8, 13.2.2
CVE-2017-5645	Enterprise Manager for Peoplesoft	PSEM Plugin (Apache Log4j)	Yes	9.8	13.1.1.1, 13.2.1.1
CVE-2017-5645	Oracle Banking Platform	Collections (Apache Log4j)	Yes	9.8	2.6.0, 2.6.1, 2.6.2
CVE-2017-5645	Oracle Financial Services Analytical Applications Infrastructure	Infrastructure (Apache Log4j)	Yes	9.8	7.3.3.x, 8.0.x
CVE-2017-5645	Oracle Financial Services Behavior Detection Platform	Ingestion (Apache Log4j)	Yes	9.8	8.0.x
CVE-2017-5645	Oracle Financial Services Funds Transfer Pricing	Logging (Apache Log4j)	Yes	9.8	6.1.1, 8.0.x
CVE-2017-5645	Oracle Financial Services Hedge Management and IFRS Valuations	Logging (Apache Log4j)	Yes	9.8	8.0.4, 8.0.5
CVE-2017-5645	Oracle Financial Services Loan Loss Forecasting and Provisioning	Logging (Apache Log4j)	Yes	9.8	8.0.4, 8.0.5
CVE-2017-5645	Oracle Financial Services Profitability Management	Logging (Apache Log4j)	Yes	9.8	6.1.1, 8.0.x
CVE-2017-5645	Oracle Enterprise Data Quality	General (Apache Log4j)	Yes	9.8	12.2.1.3.0
CVE-2017-5645	Oracle Fusion Middleware MapViewer	Install (Apache Log4j)	Yes	9.8	12.2.1.2, 12.2.1.3
CVE-2017-5645	MySQL Enterprise Monitor	Service Manager (Apache Log4j)	Yes	9.8	3.4.7.4297 and prior, 4.0.4.5235 and prior, 8.0.0.8131 and prior
CVE-2017-5645	PeopleSoft Enterprise FIN Install	Security (Apache Log4j)	Yes	9.8	9.2
CVE-2017-5645	Oracle Policy Automation	Determinations Engine (Apache Log4j)	Yes	9.8	10.4.7, 12.1.0, 12.1.1, 12.2.0, 12.2.1, 12.2.2, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8, 12.2.9, 12.2.10
CVE-2017-5645	Oracle Policy Automation Connector for Siebel	Core (Apache Log4j)	Yes	9.8	10.4.6
CVE-2017-5645	Oracle Policy Automation for Mobile Devices	Core (Apache Log4j)	Yes	9.8	10.4.7, 12.1.0, 12.1.1, 12.2.0, 12.2.1, 12.2.2, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8, 12.2.9, 12.2.10
CVE-2017-5645	Oracle Retail Clearance Optimization Engine	General Application (Apache Log4j)	Yes	9.8	14.0.5
CVE-2017-5645	Oracle Retail Financial Integration	PeopleSoft Integration Bugs (Apache Log4j)	Yes	9.8	13.2.x, 14.0.x, 14.1.x, 15.0.x, 16.0.x, 16.0.x
CVE-2017-5645	Oracle Retail Integration Bus	RIB Kernal (Apache Log4j)	Yes	9.8	12.0.x, 13.0.x, 13.1.x, 13.2.x, 14.0.0 14.1.0, 15.0, 16.0
CVE-2017-5645	Oracle Retail Predictive Application Server	RPAS Fusion Client (Apache Log4j)	Yes	9.8	15.0.3
CVE-2017-5645	Oracle Retail Service Backbone	Install (Apache Log4j)	Yes	9.8	14.0.x, 14.1.x, 15.0.x, 16.0.x
CVE-2017-5645	Oracle Retail Service Layer	Installation (Apache Log4j)	Yes	9.8	12.0.x, 13.0.x, 13.1.x, 13.2.x, 14.0.x
CVE-2017-5645	Oracle AutoVue VueLink Integration	Installation Issues (Apache Log4j)	Yes	9.8	21.0.0, 21.0.1
CVE-2017-5645	Oracle Utilities Network Management System	Logging (Apache Log4j)	Yes	9.8	1.12.x, 2.3.x
CVE-2017-5645	Oracle Utilities Work and Asset Management	Logging (Apache Log4j)	Yes	9.8	1.9.1.2.12

Potential Risk of CVE

July 2018 – SAP Security Patch Day

July 18, 2018 admin Leave a comment

According to Panorama Consulting, the average implementation costs for SAP and Oracle both increased while competitor implementation costs decreased. But regarding to cyber security, all the products do not have differences. Yes, it is do the patch management and update.

SAP Security Patch Day – July 2018

SAP businessobjects business intelligence suite :
CVE-2018-2432,CVE-2018-2427 and CVE-2018-2431

SAP gateway:
CVE-2018-2433

SAP internet graphics server :
CVE-2018-2437,CVE-2018-2439 and CVE-2018-2438

SAP netweaver :
CVE-2018-2435 and CVE-2018-2434

SAP r/3 enterprise retail :
CVE-2018-2436

Should you have interested, please see official hyperlink for reference.

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000

Potential Risk of CVE

9th Jul 2018 – Total 329 ethereum tokens vulnerable for integer overflow

July 17, 2018 admin Leave a comment

More ethereum tokens now involves into a bug and causes jeopardize the reputation. So called integer overflow, a design limitation allows the owner of the contract to set the balance of an arbitrary user to any value.

Reference resource (Hyperlink) – see below:

https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md

The status last week (9th July 2018) shown that there are total 329 ethereum tokens are vulnerable for integer overflow (refer Table A). A proof of concept let software developer know SafeMath is able to help (remediate the risk interger overflow vulnerability). I am not going to repeat the details again. For more, please refer below article for reference.

Integer overflow weakness similar kill the Ethereum. But SafeMath to protect from overflows.

Table A – vulnerability checklist

ethereum — ablgenesistoken	The mintToken function of a smart contract implementation for ABLGenesisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13741
ethereum — airdroppercryptics_token	The mintToken function of a smart contract implementation for AirdropperCryptics, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13623
ethereum — aluxtoken	The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13533
ethereum — aman_token	The mintToken function of a smart contract implementation for aman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13515
ethereum — amtoken	The mintToken function of a smart contract implementation for AMToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13600
ethereum — anovabace_token	The mintToken function of a smart contract implementation for AnovaBace, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13737
ethereum — antoken	The mintToken function of a smart contract implementation for Antoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13720
ethereum — app_token	The mintToken function of a smart contract implementation for APP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13661
ethereum — appletoken	The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13776
ethereum — archain_token	The mintToken function of a smart contract implementation for ARChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13606
ethereum — archercoin_token	The mintToken function of a smart contract implementation for archercoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13608
ethereum — azttoken	The mintToken function of a smart contract implementation for AZTToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13734
ethereum — bcaas_token	The mintToken function of a smart contract implementation for BCaaS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13665
ethereum — bcxss_token	The mintToken function of a smart contract implementation for Bcxss, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13539
ethereum — betterthanadrien_token	The mintToken function of a smart contract implementation for BetterThanAdrien, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13529
ethereum — beyondcashtoken	The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13471
ethereum — bgamecoin_token	The mintToken function of a smart contract implementation for Bgamecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13551
ethereum — bgc_token	The mintToken function of a smart contract implementation for BGC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13648
ethereum — bigcadvancedtoken	The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13759
ethereum — billionrewardstoken	The mint function of a smart contract implementation for BillionRewardsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13660
ethereum — biqutoken	The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13764
ethereum — bitcoinagiletoken	The mintToken function of a smart contract implementation for BitcoinAgileToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13485
ethereum — bitedutoken	The mintToken function of a smart contract implementation for BiteduToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13719
ethereum — bitmaxertoken	The mintToken function of a smart contract implementation for BitmaxerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13650
ethereum — bitpark_token	The mintToken function of a smart contract implementation for Bitpark, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13638
ethereum — bitstarti_token	The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13774
ethereum — bitstore_token	The mintToken function of a smart contract implementation for BitStore, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13595
ethereum — bmvcoin_token	The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13562
ethereum — bpstoken	The mintToken function of a smart contract implementation for BpsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13715
ethereum — briancoin_token	The mintToken function of a smart contract implementation for BrianCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13659
ethereum — briant2token	The mintToken function of a smart contract implementation for Briant2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13603
ethereum — bsctoken	The mintToken function of a smart contract implementation for BSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13663
ethereum — btpcoin_token	The mintToken function of a smart contract implementation for BTPCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13668
ethereum — buyertoken	The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13470
ethereum — buytoken	The mintToken function of a smart contract implementation for Order (ETH) (Contract Name: BuyToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13708
ethereum — c3_token	The mintToken function of a smart contract implementation for C3 Token (C3), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13517
ethereum — captoz_token	The mintToken function of a smart contract implementation for CAPTOZ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13617
ethereum — cardfactory_token	The mintToken function of a smart contract implementation for CardFactory, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13594
ethereum — cardtoken	The mintToken function of a smart contract implementation for CardToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13593
ethereum — carrot_token	The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13491
ethereum — cartoken	The mintToken function of a smart contract implementation for CarToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13748
ethereum — cavecoin_token	The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13468
ethereum — cbrtoken	The mintToken function of a smart contract implementation for CBRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13484
ethereum — ccash_token	The mintToken function of a smart contract implementation for CCASH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13546
ethereum — cdcurrency_token	The mintToken function of a smart contract implementation for CDcurrency, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13611
ethereum — cerb_coin_token	The mintToken function of a smart contract implementation for CERB_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13703
ethereum — cgctoken	The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13778
ethereum — cherrycoin_token	The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13585
ethereum — cherrycoinfoundation_token	The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13756
ethereum — cikkacoin_token	The mintToken function of a smart contract implementation for CikkaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13637
ethereum — cjxtoken	The mintToken function of a smart contract implementation for CJXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13689
ethereum — cloutoken	The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13472
ethereum — cm_token	The mintToken function of a smart contract implementation for CM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13714
ethereum — co2bit_token	The mintToken function of a smart contract implementation for Co2Bit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13565
ethereum — cobtoken	The mintToken function of a smart contract implementation for COBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13497
ethereum — code47_token	The mintToken function of a smart contract implementation for Code47 (C47), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13588
ethereum — coinquer_token	The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13757
ethereum — combilladvancedtoken	The mintToken function of a smart contract implementation for ComBillAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13674
ethereum — con0217_token	The mintToken function of a smart contract implementation for CON0217, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13613
ethereum — coquinho_coin_token	The mintToken function of a smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13550
ethereum — corellicoin_token	The mintToken function of a smart contract implementation for CorelliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13511
ethereum — cornerstone_token	The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13767
ethereum — cosmotokenerc20_token	The mintToken function of a smart contract implementation for COSMOTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13556
ethereum — crimsonshilling_token	The mintToken function of a smart contract implementation for CrimsonShilling, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13629
ethereum — crowdnext_token	The mintToken function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13744
ethereum — crowdsale_token	The mintToken function of a smart contract implementation for Crowdsale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13499
ethereum — crypto_alley_shares_token	The mintToken function of a smart contract implementation for Crypto Alley Shares (CAST), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13488
ethereum — cryptoleu_token	The mintToken function of a smart contract implementation for CryptoLeu, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13541
ethereum — cryptosistoken	The mintToken function of a smart contract implementation for CryptosisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13754
ethereum — crystals_token	The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13466
ethereum — csatoken	The mintToken function of a smart contract implementation for CSAToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13609
ethereum — ctesale_token	The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13477
ethereum — ctest7_token	The mint function of a smart contract implementation for CTest7, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13695
ethereum — cws_token	The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13664
ethereum — daddytoken	The mintToken function of a smart contract implementation for DaddyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13493
ethereum — databits_token	The mintToken function of a smart contract implementation for Databits, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13711
ethereum — datashieldcoin_token	The mintToken function of a smart contract implementation for DataShieldCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13574
ethereum — datiac_token	The mintToken function of a smart contract implementation for Datiac, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13646
ethereum — dectoken	The mintToken function of a smart contract implementation for DECToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13587
ethereum — deploy_token	The mintToken function of a smart contract implementation for Deploy, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13649
ethereum — destineed_token	The mintToken function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13699
ethereum — deweisecurityservicetoken	The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13753
ethereum — dhacoin_token	The mintToken function of a smart contract implementation for DhaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13528
ethereum — digitalcloudtoken	The mint function of a smart contract implementation for DigitalCloudToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13519
ethereum — dinsteincoin_token	The mintToken function of a smart contract implementation for DinsteinCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13671
ethereum — dmptoken	The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13478
ethereum — doccoin_token	The mintToken function of a smart contract implementation for doccoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13631
ethereum — doccoinpreico_token	The mintToken function of a smart contract implementation for DoccoinPreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13630
ethereum — dopnetwork_token	The mintToken function of a smart contract implementation for dopnetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13739
ethereum — eastcoin_token	The mintToken function of a smart contract implementation for Eastcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13727
ethereum — easticoin_token	The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13766
ethereum — ecogreenhouse_token	The mintToken function of a smart contract implementation for ecogreenhouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13505
ethereum — eddtoken	The mintToken function of a smart contract implementation for eddToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13704
ethereum — elearningcoinerc_token	The mintToken function of a smart contract implementation for ELearningCoinERC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13736
ethereum — elevatecoin_token	The mintToken function of a smart contract implementation for ElevateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13527
ethereum — enter_token	The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13735
ethereum — entercoin_token	The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13782
ethereum — epiphanycoin_token	The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13467
ethereum — erc20_ico_token	The mintToken function of a smart contract implementation for ERC20_ICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13536
ethereum — eristicaico_token	The mintToken function of a smart contract implementation for EristicaICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13666
ethereum — escut_token	The mintToken function of a smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13576
ethereum — esh_token	The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13780
ethereum — esportz_token	The mintToken function of a smart contract implementation for esportz, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13514
ethereum — essence_token	The mintToken function of a smart contract implementation for Essence, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13702
ethereum — eststoken	The mintToken function of a smart contract implementation for ESTSToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13654
ethereum — eth033_token	The mintToken function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13561
ethereum — ethercash_token	The mintToken function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13482
ethereum — ethereumlegit_token	The mintToken function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13537
ethereum — ethereumsmart_token	The mintToken function of a smart contract implementation for EthereumSmart, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13640
ethereum — exacorecontract_token	The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13771
ethereum — exgroup_token	The mintToken function of a smart contract implementation for EXGROUP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13522
ethereum — exsulcoin_token	The mintToken function of a smart contract implementation for exsulcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13683
ethereum — extremetoken	The mintToken function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13605
ethereum — fanschaintoken	The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13474
ethereum — film_token	The mintToken function of a smart contract implementation for FILM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13490
ethereum — finaltoken	The mintToken function of a smart contract implementation for FinalToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13749
ethereum — fiocoin_token	The mintToken function of a smart contract implementation for Fiocoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13645
ethereum — flow_token	The mintToken function of a smart contract implementation for Flow, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13525
ethereum — forevercoin_token	The mintToken function of a smart contract implementation for ForeverCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13579
ethereum — futurxe_token	The mintToken function of a smart contract implementation for FuturXe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13718
ethereum — galacticx_token	The mintToken function of a smart contract implementation for GalacticX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13601
ethereum — galaxycoin_token	The mintToken function of a smart contract implementation for GalaxyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13578
ethereum — gatcoin_token	The mintToken function of a smart contract implementation for GATcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13564
ethereum — gcrtokenerc210_token	The mintToken function of a smart contract implementation for GCRTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13643
ethereum — gemstonetoken	The mintToken function of a smart contract implementation for GemstoneToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13543
ethereum — gfc_token	The mintToken function of a smart contract implementation for GFC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13655
ethereum — gfcb_token	The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13670
ethereum — globalsupergametoken	The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13725
ethereum — globecoin_token	An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-14004
ethereum — gmile_token	The mintToken function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13694
ethereum — goldtokenerc20_token	The mintToken function of a smart contract implementation for GoldTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13673
ethereum — gomineworld_token	The mintToken function of a smart contract implementation for GoMineWorld, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13721
ethereum — goochain_token	The mintToken function of a smart contract implementation for Goochain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13677
ethereum — goramcoin_token	The mintToken function of a smart contract implementation for GoramCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13571
ethereum — greenenergytoken	The mintToken function of a smart contract implementation for GreenEnergyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13693
ethereum — gsi_token	The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13540
ethereum — hashshield_token	The mintToken function of a smart contract implementation for HashShield, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13545
ethereum — hbcm_token	The mintToken function of a smart contract implementation for HBCM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13635
ethereum — heliumnetwork_token	The mintToken function of a smart contract implementation for HeliumNetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13502
ethereum — help_token	The mintToken function of a smart contract implementation for HELP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13486
ethereum — hey_token	The mintToken function of a smart contract implementation for HEY, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13730
ethereum — hittoken	The mintToken function of a smart contract implementation for HitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13569
ethereum — hormitechtoken	The mintToken function of a smart contract implementation for HormitechToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13717
ethereum — hrwtoken	The mintToken function of a smart contract implementation for HRWtoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13501
ethereum — huntercoin_token	The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13530
ethereum — hyipcrowdsale1_token	The mint function of a smart contract implementation for HYIPCrowdsale1, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13724
ethereum — hyiptoken	The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13722
ethereum — iamrich_token	The mintToken function of a smart contract implementation for IamRich, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13509
ethereum — ico_dollar_token	The mintToken function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13686
ethereum — icocontract_token	The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13469
ethereum — ideacoin_token	The mintToken function of a smart contract implementation for IdeaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13706
ethereum — instacocoa_token	The mintToken function of a smart contract implementation for Instacocoa, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13690
ethereum — ioct_coin_token	The mintToken function of a smart contract implementation for IOCT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13616
ethereum — ipmcoin_token	The mintToken function of a smart contract implementation for IPMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13700
ethereum — ipshoots_token	The mintToken function of a smart contract implementation for ipshoots, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13653
ethereum — iseevoicetoken	The mintToken function of a smart contract implementation for ISeeVoiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13726
ethereum — jaxbox_token	The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13555
ethereum — jeanstoken	The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13769
ethereum — jiucaitoken	The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13783
ethereum — jixocoin_token	The mintToken function of a smart contract implementation for JixoCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13728
ethereum — jpmd100b_token	The mintToken function of a smart contract implementation for JPMD100B, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13729
ethereum — justwallet_token	The mintToken function of a smart contract implementation for JustWallet, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13751
ethereum — kapaycoin_token	The mintToken function of a smart contract implementation for KAPAYcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13498
ethereum — kapcoin_token	The mintToken function of a smart contract implementation for KAPcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13591
ethereum — kbit_token	The mintToken function of a smart contract implementation for kBit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13746
ethereum — kelvintoken	The mintToken function of a smart contract implementation for KelvinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13560
ethereum — kissme_token	The mintToken function of a smart contract implementation for KissMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13701
ethereum — kktestcoin1_token	The mint function of a smart contract implementation for kkTestCoin1 (KTC1), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13570
ethereum — kmctoken	The mintToken function of a smart contract implementation for KMCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13495
ethereum — krown_token	The mintlvlToken function of a smart contract implementation for Krown, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13625
ethereum — landcoin_token	The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13765
ethereum — lexittoken	The mintToken function of a smart contract implementation for LexitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13680
ethereum — lolicoin_token	The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13758
ethereum — lottery_token	The mintToken function of a smart contract implementation for Lottery, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13678
ethereum — malaysia_coins_token	An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-14005
ethereum — malltoken	The mintToken function of a smart contract implementation for MallToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13688
ethereum — martcoin_token	The mintToken function of a smart contract implementation for Martcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13633
ethereum — mavcash_token	The mintToken function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13614
ethereum — maxhouse_token	The mintToken function of a smart contract implementation for MaxHouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13531
ethereum — mediacubetoken	The mintToken function of a smart contract implementation for MediaCubeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13634
ethereum — medicayunlink_token	The mintToken function of a smart contract implementation for MedicayunLink, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13610
ethereum — mehditazitoken	The mintToken function of a smart contract implementation for MehdiTAZIToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13692
ethereum — micoinnetworktoken	The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13651
ethereum — micointoken	The mintToken function of a smart contract implementation for MicoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13619
ethereum — micro_btc_token	The mintToken function of a smart contract implementation for Micro BTC (MBTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13553
ethereum — mimicoin_token	The mintToken function of a smart contract implementation for Mimicoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13548
ethereum — mindexcoin_token	The mintToken function of a smart contract implementation for Mindexcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13532
ethereum — miningtoken	The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13602
ethereum — mjctoken	The mintToken function of a smart contract implementation for MJCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13615
ethereum — mjolnir_token	The mintToken function of a smart contract implementation for Mjolnir, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13710
ethereum — mkethtoken	The mintToken function of a smart contract implementation for mkethToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13483
ethereum — mktcoin_token	The mintToken function of a smart contract implementation for MktCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13568
ethereum — mmcoin_token	The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13504
ethereum — momentumtoken	The mintToken function of a smart contract implementation for MomentumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13628
ethereum — moneychainnet_token	The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13760
ethereum — moneytree_token	The mintToken function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13554
ethereum — mooadvtoken	The mintToken function of a smart contract implementation for MooAdvToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13589
ethereum — moontoken	The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13462
ethereum — mp3_coin_token	An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-14002
ethereum — msxadvanced_token	The mintToken function of a smart contract implementation for MSXAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13500
ethereum — mvgcoin_token	The mintToken function of a smart contract implementation for MVGcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13641
ethereum — my2token	The mintToken function of a smart contract implementation for My2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13582
ethereum — myoffer_token	The mintToken function of a smart contract implementation for MyOffer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13627
ethereum — myylc_token	The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13781
ethereum — naga_token	The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13492
ethereum — ncu_token	The mintToken function of a smart contract implementation for NCU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13669
ethereum — nectar_token	The mintToken function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13586
ethereum — neo_genesis_token	An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-14006
ethereum — netkilleradvancedtokenairdrop_token	The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13761
ethereum — netkillertoken	The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13773
ethereum — neurotoken	The mintToken function of a smart contract implementation for NeuroToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13549
ethereum — nexpara_token	The mintToken function of a smart contract implementation for NEXPARA, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13632
ethereum — normikaivo_token	The mintToken function of a smart contract implementation for normikaivo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13687
ethereum — numisma_token	The mintToken function of a smart contract implementation for Numisma, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13544
ethereum — objecttoken	The mintToken function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13622
ethereum — obtcoin_token	The mintToken function of a smart contract implementation for OBTCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13672
ethereum — ohni_2_token	The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13473
ethereum — olliscoin_token	The mintToken function of a smart contract implementation for OllisCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13489
ethereum — onechain_token	The mintToken function of a smart contract implementation for OneChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13740
ethereum — orderbook_presale_token	The mintToken function of a smart contract implementation for Orderbook Presale Token (OBP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13676
ethereum — otakutoken	The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13755
ethereum — paccoin_token	The mintToken function of a smart contract implementation for PACCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13535
ethereum — paulycoin_token	The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13465
ethereum — pelocointoken	The mintToken function of a smart contract implementation for PELOCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13738
ethereum — pgm_coin_token	The mintToken function of a smart contract implementation for PGM_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13572
ethereum — philcoin_token	The mintToken function of a smart contract implementation for PhilCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13476
ethereum — pinkytoken	The mintToken function of a smart contract implementation for PinkyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13521
ethereum — platotoken	The mintToken function of a smart contract implementation for PlatoToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13487
ethereum — play2livepromo_token	The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13698
ethereum — pmet_token	The mintToken function of a smart contract implementation for PMET, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13712
ethereum — pmhtoken	The mintToken function of a smart contract implementation for PMHToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13705
ethereum — porncoin_token	The mintToken function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13524
ethereum — projectj_token	The mintToken function of a smart contract implementation for ProjectJ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13733
ethereum — providence_crypto_casino_token	The mintToken function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13547
ethereum — providencecasino_token	The mintToken function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13580
ethereum — qrg_token	The mintToken function of a smart contract implementation for QRG, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13480
ethereum — rajtest_token	The mintToken function of a smart contract implementation for RajTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13592
ethereum — rajtestico_token	The mintToken function of a smart contract implementation for RajTestICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13496
ethereum — rckt_coin_token	The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13775
ethereum — redticket_token	The mintToken function of a smart contract implementation for RedTicket, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13696
ethereum — remicoin_token	An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks.	CVE-2018-12230
ethereum — residualshare_token	The mintToken function of a smart contract implementation for ResidualShare, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13607
ethereum — residualvalue_token	The mintToken function of a smart contract implementation for ResidualValue, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13599
ethereum — retntoken	The mintToken function of a smart contract implementation for RETNToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13566
ethereum — rhovit_token	The mintToken function of a smart contract implementation for rhovit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13558
ethereum — rice_token	The mintToken function of a smart contract implementation for Rice, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13657
ethereum — richiumtoken	The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13750
ethereum — riptidecoin_token	The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13732
ethereum — robincoin_token	The mintToken function of a smart contract implementation for Robincoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13612
ethereum — robotbtc_token	The mintToken function of a smart contract implementation for RobotBTC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13697
ethereum — rocket_coin_token	An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-13836
ethereum — royalclassiccoin_token	The mintToken function of a smart contract implementation for RoyalClassicCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13644
ethereum — rrtoken	The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13777
ethereum — rtokenmain_token	The mintToken function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13691
ethereum — sample_token	The mintToken function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13656
ethereum — sdr22_token	The mintToken function of a smart contract implementation for SDR22, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13506
ethereum — sdr_token	The mintToken function of a smart contract implementation for SDR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13567
ethereum — secoin_token	The mintToken function of a smart contract implementation for SECoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13642
ethereum — semaintoken	The mintToken function of a smart contract implementation for SemainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13626
ethereum — sendme_token	The mintToken function of a smart contract implementation for SendMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13598
ethereum — sexhdsolo_token	The mintToken function of a smart contract implementation for sexhdsolo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13716
ethereum — sharktech_token	An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-14001
ethereum — shitcoin_token	The mintToken function of a smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13577
ethereum — shmoo_token	The mintToken function of a smart contract implementation for Shmoo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13583
ethereum — sipcoin_token	The mintToken function of a smart contract implementation for SIPCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13590
ethereum — sipctoken	The mintToken function of a smart contract implementation for SIPCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13538
ethereum — slcadvancedtoken	The mintToken function of a smart contract implementation for SLCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13507
ethereum — slidebitstoken	The mintToken function of a smart contract implementation for SlidebitsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13479
ethereum — smart_contract_implementation_for_tickets_token	The mintToken function of a smart contract implementation for tickets (TKT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13742
ethereum — smarthomecoin_token	The mintToken function of a smart contract implementation for SmartHomeCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13512
ethereum — smartpayment_token	The mintToken function of a smart contract implementation for SmartPayment, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13523
ethereum — soscoin_token	The mintToken function of a smart contract implementation for SOSCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13681
ethereum — soundtribetoken	The mintToken function of a smart contract implementation for SoundTribeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13621
ethereum — south_park_token	The mintToken function of a smart contract implementation for South Park Token Token (SPTKN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13503
ethereum — speedcashlite_token	The mintToken function of a smart contract implementation for SpeedCashLite (SCSL), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13534
ethereum — stctoken	The mintToken function of a smart contract implementation for STCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13745
ethereum — super_cool_awesome_money_token	The mintToken function of a smart contract implementation for Super Cool Awesome Money (SCAM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13516
ethereum — superenergy_token	The mintToken function of a smart contract implementation for SuperEnergy (SEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13743
ethereum — susantokenerc20_token	The mintToken function of a smart contract implementation for SusanTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13494
ethereum — t-swap-token	The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13463
ethereum — t_swap_token	The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13464
ethereum — tcash_token	The mintToken function of a smart contract implementation for TCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13518
ethereum — testahihi_token	The mintToken function of a smart contract implementation for TESTAhihi, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13596
ethereum — testcoin_token	The mintToken function of a smart contract implementation for testcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13597
ethereum — theflashtoken	The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13772
ethereum — thegodgital_token	The mintToken function of a smart contract implementation for TheGoDgital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13658
ethereum — thegodigital_token	The mintToken function of a smart contract implementation for TheGoDigital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13652
ethereum — thread_token	The mintToken function of a smart contract implementation for Thread, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13752
ethereum — tokenmachu_token	The mintToken function of a smart contract implementation for TokenMACHU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13731
ethereum — topscoinadvanced_token	The mintToken function of a smart contract implementation for TopscoinAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13520
ethereum — trabet_coin_preico_token	The mintToken function of a smart contract implementation for Trabet_Coin_PreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13552
ethereum — trabet_coin_token	The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13557
ethereum — tradesman_token	The mintToken function of a smart contract implementation for Tradesman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13713
ethereum — travelcoin_token	The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13581
ethereum — tripcash_token	The mintToken function of a smart contract implementation for TripCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13620
ethereum — trippay_token	The mintToken function of a smart contract implementation for TripPay, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13573
ethereum — trium_token	The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13481
ethereum — truegoldcointoken	The mintToken function of a smart contract implementation for TrueGoldCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13647
ethereum — tube_token	The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13709
ethereum — turdcoin_token	The mintToken function of a smart contract implementation for TurdCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13636
ethereum — ubiou_token	The mintToken function of a smart contract implementation for Ubiou, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13513
ethereum — ublasti_token	The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13763
ethereum — ultimatecoin_token	The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13770
ethereum — upaytoken	The mintToken function of a smart contract implementation for UPayToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13563
ethereum — utbtokentest_token	The mintToken function of a smart contract implementation for UTBTokenTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13667
ethereum — utct_token	The mintToken function of a smart contract implementation for UTCT, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13559
ethereum — vanminhcoin_token	The mintToken function of a smart contract implementation for VanMinhCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13747
ethereum — vicetoken_ico_is_a_scam_token	The mintToken function of a smart contract implementation for VICETOKEN_ICO_IS_A_SCAM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13618
ethereum — virtual_energy_units_token	The mintToken function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13639
ethereum — vitemoneycoin_token	The mintToken function of a smart contract implementation for ViteMoneyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13682
ethereum — vittoken	The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13508
ethereum — vornox_token	The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13685
ethereum — vsctoken	The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13475
ethereum — wangwangtoken	The mintToken function of a smart contract implementation for WangWangToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13526
ethereum — welfare_token_fund_token	The mintToken function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13510
ethereum — wellieat_token	The mintToken function of a smart contract implementation for wellieat, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13604
ethereum — wemediachain_token	An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user’s balance.	CVE-2018-14003
ethereum — worldopctionchain_token	The mintToken function of a smart contract implementation for WorldOpctionChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13662
ethereum — wxsltoken	The mintToken function of a smart contract implementation for WXSLToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13624
ethereum — yambyo_token	The mintToken function of a smart contract implementation for YAMBYO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13675
ethereum — yasudem_token	The mintToken function of a smart contract implementation for yasudem, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13584
ethereum — yestoken	The mintToken function of a smart contract implementation for YESToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13575
ethereum — ylctoken	The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13779
ethereum — yss_token	The mintToken function of a smart contract implementation for YSS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13707
ethereum — yumerium_token	The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13762
ethereum — zibtoken	The mintToken function of a smart contract implementation for ZIBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13542
ethereum — zip_token	The mintToken function of a smart contract implementation for ZIP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13684
ethereum — zpecoin_token	The mintToken function of a smart contract implementation for ZPEcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13679
ethereum — ztoken	The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.	CVE-2018-13768

Application Development, Potential Risk of CVE, Under our observation

Node.js hits arbitrary command injection (CVE-2018-13797)

July 16, 2018 admin 1 Comment

Node.js framework become popular today. Node.js can build the application on ethereum (cryptocurrency). Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient. Node.js’ package ecosystem, npm, is the largest ecosystem of open source libraries in the world.

Meanwhile, npm is a package manager for the JavaScript programming language. It is the default package manager for the JavaScript runtime environment Node.js. Software developers must stay alert on CVE-2018-13797. Should you have interested, please refer below:

Fixes arbitrary command injection by using execFile instead of exec:

https://github.com/scravy/node-macaddress/commit/358fd594adb196a86b94ac9c691f69fe5dad2332

https://github.com/scravy/node-macaddress/pull/20/

IoT, Potential Risk of CVE, Under our observation

Jul 2018 – Siemens Security Advisory by Siemens ProductCERT

July 16, 2018 admin Leave a comment

Selective Availability (SA) was an intentional degradation of public GPS signals implemented for national security reasons. In May 2000, at the direction of President Bill Clinton, the U.S government discontinued its use of Selective Availability in order to make GPS more responsive to civil and commercial users worldwide. And therefore the GPS open to public usage. Measuring distance from a satellite define by the following:

Velocity x time = distance
Three perfect measurements can locate a point in 3-dimensional space, means synchorning the satellite and receiver are based on perfect timing (clock). A major element in GPS system.

But security vulnerabilities occurs on the timing machine. Official announcement shown as below:

Siemens Security Advisory by Siemens ProductCERT SSA-197012: Vulnerabilities in SICLOCK central plant clocks: https://cert-portal.siemens.com/productcert/pdf/ssa-197012.pdf

Data privacy, Potential Risk of CVE, Under our observation

Jul 2018 – The IoT P2P (Peer to Peer) design flaw let passwords of over 30,000 devices exposed in search engine

July 16, 2018 admin 2 Comments

The P2P (Peer to Peer) function is common function for the operation support for Internet of things devices. It aim to simplify the operation and increasing flexibility. We now focusing on data personal privacy but the fundamental of user friendly functions looks contained contradiction with secure operation. The firm (NewSky security) found password for tens of thousands of Dahua devices cached in the IoT search engine. In the meantime the hardware manufacturer not provides any responses in regard to this incident. Stay tuned! And see whether what is the reply by hardware vendor.

Should you have interested to know the details, please refer to attached diagram and url for references.

Passwords for tens of thousands of Dahua devices cached in the IoT search engine – https://amazingreveal.com/2018/07/15/passwords-for-tens-of-thousands-of-dahua-devices-cached-in-the-iot-search-engine/

Official Announcement/Notice – https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice

Vulnerability found recently

22nd May 2018: Security Advisory – Privilege escalation vulnerability found in some Dahua IP products

cyber security incident news highlight, Public safety, Under our observation, Virus & Malware

New version of black energy cyber attack target Microsoft OLE product design weakness

July 14, 2018 admin Leave a comment

Ukrainian intel agency has claimed it stopped a cyber attack against a chlorine plant that was launched using the notorious VPNFilter malware. Perhaps the world focusing VPN filter malware spreading and infection. We known earlier last month that such attack targets are the low end wireless router and network access storage (NAS).

However, from my point of view is that the main stream of the cyber attack so far happening not limit to this incident. The fact is that lure the attacker interest to do the re-engineering of their attacks seems maintain on Microsoft office product. What is the key component? Yes, it is OLE objective linking and embedding. Or you may say, if I am following Microsoft patch Tue remediation schedule it will be safe. It looks correct. But normal RTF file, it was able to avoid detection by many security products. And therefore attacker conduct similar hacking technology to execute cyber attack in Ukrainian. The political situation of Ukrainian given a never ending story. Meanwhile the world never without using MS office document!

Reference:

Headlines news – Ukraine claims it blocked VPNFilter attack at chemical plant : https://www.theregister.co.uk/2018/07/13/ukraine_vpnfilter_attack/

My speculation on how Cisco (Talos) found the malware (VPNFilter malware)

My speculation on how Cisco (Talos) found the malware (VPNFilter malware).

Uncategorized

12th Jul 2018 – ISC Kea 1.4.0 failure to release memory may exhaust system resources

July 12, 2018 admin Leave a comment

CVE-2018-5739: ISC Kea 1.4.0 failure to release memory may exhaust system resources

Hook/Hook Point – used interchageably, this is a point in the code at which a call to user functions is made. Each hook has a name and each hook can have any number (including 0) of user functions attached to it. Store leases and host reservations in a MySQL, PostgreSQL or Cassandra database rather than a text file.

official document for reference: https://kb.isc.org/article/AA-01626

Cyber security technical information

Cisco Security Advisories and Alerts published on Wed 18th Jul 2018.

Jul 2018 – What’s up involving LabCorp Cyber Security incident ?

Have you heard CVE-20170-5645? Oracle critical patch update advisory – July 2018.

July 2018 – SAP Security Patch Day

9th Jul 2018 – Total 329 ethereum tokens vulnerable for integer overflow

Node.js hits arbitrary command injection (CVE-2018-13797)

Jul 2018 – Siemens Security Advisory by Siemens ProductCERT

Jul 2018 – The IoT P2P (Peer to Peer) design flaw let passwords of over 30,000 devices exposed in search engine

New version of black energy cyber attack target Microsoft OLE product design weakness

12th Jul 2018 – ISC Kea 1.4.0 failure to release memory may exhaust system resources

antihackingonline.com