- CVE-2018-8037: User sessions can get mixed up
- CVE-2018-1336: Denial Of Service (DoS) via UTF-8 decoder
- CVE-2018-8034: No host name verification in WebSocket client
Category Archives: Potential Risk of CVE
Ethereum carrier Solidity shield – Call abuse vulnerability (CVE-2018-14087)
An Integer Overflow is the condition that occurs when the result of an arithmetic operation, such as multiplication or addition, exceeds the maximum size of the integer type used to store it. Ethereum hits such vulnerability in frequent. The solidity programming language rescue Ethererum in the cryptocurrency world. But no prefect things in the world. A vulnerability found on Ethereum EUC token recently. The EUC token build by solidity programming language. The guru given his nick name “call abused” vulnerability. For details, please see below hyperlink for references.
Ethereum EUC Token (call abused) – CVE-2018-14087
https://github.com/rootclay/Audit-of-smart-contracts/tree/master/0x8810C63470d38639954c6B41AaC545848C46484a
Additional information – Ethereum integer overflow vulnerabilities
Ethereum aditus token (CV-2018-12959):
https://github.com/hellowuzekai/blockchains/blob/master/overflow2.md
Ethereum mkcb_token:
https://github.com/hellowuzekai/blockchains/blob/master/README.md
Ethereum singaporecoinorigin token:
https://github.com/hellowuzekai/blockchains/blob/master/overflow1.md
Ethereum stex white list token:
https://github.com/hellowuzekai/blockchains/blob/master/overflow3.md
Ethereum tracto token:
https://github.com/tracto2/Tracto-ERC20/issues/1
Ethereum virgo zodiactoken token:
https://github.com/hellowuzekai/blockchains/blob/master/transferFrom.md
Not belongs to integer overflow vulnerability:
Ethereum userwallet 0x0a7bca9fb7af-f26c6ed8029b-b6f0f5d291587c42 token:
https://github.com/hellowuzekai/blockchains/blob/master/delegatecall.md
A vulnerability has been identified in IEC 61850 system configurator – CVE-2018-4858
When a lot of cyber security Guru focusing the nuclear power and critical facilities. It looks they also requires to includes the power substation. From techincal point of view, control central will be hardening both console and network environment. But how about the configuration console for substation? Does it allow install the configuration software (IEC 61850 system configurator) on notebook for outdoor work? Siemens IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC products are affected by a security vulnerability which could allow an attacker to either exfiltrate limited data from the system or to execute code with operating system user permissions. Cyber security attack will be exploited different channels. But the major pathway is the product vulnerabilities.
Official announcement by Siemens shown as below:
https://cert-portal.siemens.com/productcert/pdf/ssa-159860.pdf
Status update: 30th Jul 2018
A vulnerability confirm by vendor that a Denial-of-Service occurs in EN100 Ethernet Communication Module and SIPROTEC 5 relays.
Official announcement by Siemens shown as below:
https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdf
Defending the Power Grid From Hackers – Jul 2018
Cyber defense facilities today are very strong and effecive to fight against different of cyber attacks. Even though stealer deploy DNS steal technique to exfiltrate the data from a firm. Anti cyber technology have their way to quarantine and deny such activities. Perhaps you said the IoT devices attack that wreaked hovac worldwide. It is hard to avoid. But it still have resolution. Cyber security vendor deploy network discover facitiles. No matter Dot one X or non Dot one X devices they can find. So it looks perfect, no any concern any more. But why we still have cyber attack incident happens today?
The Next Cyber Battleground
Sound scary! The Next Cyber Battleground
Expert predict that digital infrastructure is the high target to receive cyber attack. That is even through smart City, manufacturing automation, geospatial data system,..etc.
Some experts believe cyber incidents go underreported in the nuclear sector. The reason is that the Nuclear Regulatory Commission only requires the reporting of incidents that affect the safety, security functions, or emergency preparedness of the plant. May be it do not want to caused a public panic.
We heard cyber attack to SCADA in frequent. Whether SCADA contains design weakness or there is other factor?
The SCADA Data Gateway (SDG) is a Windows™ application used by System Integrators and Utilities to collect data from OPC, IEC 60870-6 (TASE.2/ICCP), IEC 61850, IEC 60870-5, DNP3, or Modbus Server/Slave devices and then supplies this data to other control systems supporting OPC, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, and/or Modbus Client/Master communication protocols.
The core component supporting SCADA infrastructure build by Microsoft products in common. And therefore the attack surface will be divided in several ways. We understand that Nuclear facilties do not provided any public web portal. So direct attacks looks not possible. However Microsoft office products has full market coverage in the world. It is rare that people not using MS-Word for word processing work, right? As a matter of fact, hacker now transform MS office product become a cyber attack media. They re-use former MS office vulnerabilities. It has possibilities execute the Infiltration. From technical point of view, even though attacker send out the RTF format of file. It is also workable.
Remark: RTF is a text file format used by Microsoft products, such as Word and Office. RTF, or Rich Text Format, files were developed by Microsoft in 1987 for use in their products and for cross-platform document interchange. RTF is readable by most word processors.
Quote:
Hackers are using Microsoft Word documents (or more specifically, RTF files listed with a “.doc” extension) to trick people into opening the files.
On this discussion objective, I am not going to drill into any technical details. But our aim would like to provides hints see whether it can enrich the security awareness.
Below details common bad mailicious MS-word documents checklist for reference.
| 722154A36F32BA10E98020A8AD758A7A | MD5 | FILENAME:CV Controls Engineer.docx |
| 243511A51088D57E6DF08D5EF52D5499 | MD5 | FILENAME:CV Control Engeneer.docx |
| 277256F905D7CB07CDCD096CECC27E76 | MD5 | FILENAME:CV Jon Patrick.docx |
| 4909DB36F71106379832C8CA57BA5BE8 | MD5 | FILENAME:Controls Engineer.docx |
| 4E4E9AAC289F1C55E50227E2DE66463B | MD5 | FILENAME:Controls Engineer.docx |
| 5C6A887A91B18289A70BDD29CC86EBDB | MD5 | FILENAME:High R-Value Energy.docx |
| 6C3C58F168E883AF1294BBCEA33B03E6 | MD5 | FILENAME:CV_Jon_Patrick.docx |
| 78E90308FF107CE38089DFF16A929431 | MD5 | FILENAME:CV Jon Patrick.docx |
| 90514DEE65CAF923E829F1E0094D2585 | MD5 | FILENAME:CV_Jon_Patrick.docx |
| C1529353E33FD3C0D2802BB558414F11 | MD5 | FILENAME:Build Hydroelectric Turbine.docx |
| CDA0B7FBDBDCEF1777657182A504283D | MD5 | FILENAME:Resume_Key_And_Personal.docx |
| DDE2A6AC540643E2428976B778C43D39 | MD5 | FILENAME:CV_Jon_Patrick.docx |
| E9A906082DF6383AA8D5DE60F6EF830E | MD5 | FILENAME:CV_Jon_Patrick.docx |
| 038A97B4E2F37F34B255F0643E49FC9D | MD5 | FILENAME:Controls Engineer (2).docx |
| 31008DE622CA9526F5F4A1DD3F16F4EA | MD5 | FILENAME:Controls Engineer (4).docx |
| 5ACC56C93C5BA1318DD2FA9C3509D60B | MD5 | FILENAME:Controls Engineer (7).docx |
| 65A1A73253F04354886F375B59550B46 | MD5 | FILENAME:Controls Engineer (3).docx |
| 8341E48A6B91750D99A8295C97FD55D5 | MD5 | FILENAME:Controls Engineer (5).docx |
| 99AA0D0ECEEFCE4C0856532181B449B1 | MD5 | FILENAME:Controls Engineer (8).docx |
| A6D36749EEBBBC51B552E5803ED1FD58 | MD5 | FILENAME:Controls Engineeer.docx |
| 3C432A21CFD05F976AF8C47A007928F7 | MD5 | FILENAME:Report03-23-2017.docx |
| 34A11F3D68FD6CDEF04B6DF17BBE8F4D | MD5 | FILENAME:corp_rules(2016).docx |
| 141E78D16456A072C9697454FC6D5F58 | MD5 | FILENAME:corp_rules(2016).docx |
| BFA54CCC770DCCE8FD4929B7C1176470 | MD5 | FILENAME:invite.docx |
| 848775BAB0801E5BB15B33FA4FCA573C | MD5 | FILENAME:Controls Engineer.docx |
| MD5 | FILENAME:corp_rules(2016).docx | |
| MD5 | FILENAME:corp_rules(2016).docx | |
| MD5 | FILENAME:invite.docx |
Happy hunting – bye!
If you are the cisco SD WAN /iWan customer, you should stay alert! 18th Jul 2018 (Cisco security advisories)
Intelligent WAN (iWAN) is a Cisco SD-WAN product that was built from an existing Cisco product (also called iWAN).
How do you deploy Cisco SD-WAN?
• Cloud-based management and vAnalytics dashboard
• Virtual or physical secure routers for on-premise or cloud
• In-house IT or managed service with service providers or system integrators
• Capital Expenditures (CapEx) and annual subscription licenses or
enterprise-based agreements
If you are the cisco SD WAN /iWan customer, you should stay alert in below items.
Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-fo
Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-dos
Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cx
Cisco SD-WAN Solution Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-coinj
Cisco SD-WAN Solution CLI Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdnjct
Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdinj
Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
Cisco Security Advisories and Alerts published on Wed 18th Jul 2018.
Cisco Policy Suite for Mobile is a carrier-grade policy, charging, and subscriber data management solution. It helps service providers rapidly create and bring services to market, deliver a positive user experience, and optimize network resources. It also generates monetization opportunities across 3G, 4G, and LTE access networks as well as IP Multimedia Subsystem (IMS) service architectures.
Seems this round will make ISP busy!
Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability (CVE-2018-0376) – Critical
Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability (CVE-2018-0377) – Critical
Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability (CVE-2018-0374) – Critical
Cisco Policy Suite Cluster Manager Default Password Vulnerability (CVE-2018-0375) – Critical
Have you heard CVE-20170-5645? Oracle critical patch update advisory – July 2018.
Background
Java programming language sometimes look like a accomplice. The Java Sandbox, which attempts to enforce a privilege model that permits safe execution of untrusted code, and is most famously used to permit the automatic execution of Java Applets in a browser.
Vulnerability details
Apache Log4j is a Java-based logging utility. Log4j is one of several Java logging frameworks. A design flaw found on Oracle products, Log4j has possibility then let vulnerabilities remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.
Sample of using the Log4j Library
public class Jangles {
private static Log log = LogFactory.getLog(Jangles.class);
Public static void main(String[] args){
log.info("This is a testing message.");
if(log.isDebugEnabled()){
log.debug("This is a testing message.");
}
}
}
Above sample will enable Log4j to control the output of other libraries which use Apache Commons Logging like the Java Caching System.
So, do you think this is the root causes hits the vulnerability?
Perhaps this vulnerability reference number go back 2017. However Oracle Critical Patch Update Advisory on July 2018 still has status update of this vulnerability. If you are the Oracle product user, you must stay alert. You should stay alert!
Vulnerability detail:
This vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.
Official announcement hyperlink shown as below:
Oracle Critical Patch Update Advisory – July 2018 – http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixEM
Affected Products version and vulnerability details :
| CVE | Product | Component | Remote Exploit without Auth.? | Base score | Supported Versions Affected |
| CVE-2017-5645 | Enterprise Manager Base Platform | Installer (Apache Log4j) | Yes | 9.8 | 12.1.0.5, 13.2.x |
| CVE-2017-5645 | Enterprise Manager Base Platform | Security Framework (Apache Log4j) | Yes | 9.8 | 12.1.0.5, 13.2.x |
| CVE-2017-5645 | Enterprise Manager for Fusion Middleware | Application Replay (Apache Log4j) | Yes | 9.8 | 12.1.0.5, 13.2.x |
| CVE-2017-5645 | Enterprise Manager for Fusion Middleware | FMW Plugin for CC (Apache Log4j) | Yes | 9.8 | 12.1.0.5, 13.2.x |
| CVE-2017-5645 | Enterprise Manager for MySQL Database | EM Plugin: General (Apache Log4j) | Yes | 9.8 | 13.2.2.0.0 and prior |
| CVE-2017-5645 | Enterprise Manager for Oracle Database | Provisioning (Apache Log4j) | Yes | 9.8 | 12.1.0.8, 13.2.2 |
| CVE-2017-5645 | Enterprise Manager for Peoplesoft | PSEM Plugin (Apache Log4j) | Yes | 9.8 | 13.1.1.1, 13.2.1.1 |
| CVE-2017-5645 | Oracle Banking Platform | Collections (Apache Log4j) | Yes | 9.8 | 2.6.0, 2.6.1, 2.6.2 |
| CVE-2017-5645 | Oracle Financial Services Analytical Applications Infrastructure | Infrastructure (Apache Log4j) | Yes | 9.8 | 7.3.3.x, 8.0.x |
| CVE-2017-5645 | Oracle Financial Services Behavior Detection Platform | Ingestion (Apache Log4j) | Yes | 9.8 | 8.0.x |
| CVE-2017-5645 | Oracle Financial Services Funds Transfer Pricing | Logging (Apache Log4j) | Yes | 9.8 | 6.1.1, 8.0.x |
| CVE-2017-5645 | Oracle Financial Services Hedge Management and IFRS Valuations | Logging (Apache Log4j) | Yes | 9.8 | 8.0.4, 8.0.5 |
| CVE-2017-5645 | Oracle Financial Services Loan Loss Forecasting and Provisioning | Logging (Apache Log4j) | Yes | 9.8 | 8.0.4, 8.0.5 |
| CVE-2017-5645 | Oracle Financial Services Profitability Management | Logging (Apache Log4j) | Yes | 9.8 | 6.1.1, 8.0.x |
| CVE-2017-5645 | Oracle Enterprise Data Quality | General (Apache Log4j) | Yes | 9.8 | 12.2.1.3.0 |
| CVE-2017-5645 | Oracle Fusion Middleware MapViewer | Install (Apache Log4j) | Yes | 9.8 | 12.2.1.2, 12.2.1.3 |
| CVE-2017-5645 | MySQL Enterprise Monitor | Service Manager (Apache Log4j) | Yes | 9.8 | 3.4.7.4297 and prior, 4.0.4.5235 and prior, 8.0.0.8131 and prior |
| CVE-2017-5645 | PeopleSoft Enterprise FIN Install | Security (Apache Log4j) | Yes | 9.8 | 9.2 |
| CVE-2017-5645 | Oracle Policy Automation | Determinations Engine (Apache Log4j) | Yes | 9.8 | 10.4.7, 12.1.0, 12.1.1, 12.2.0, 12.2.1, 12.2.2, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8, 12.2.9, 12.2.10 |
| CVE-2017-5645 | Oracle Policy Automation Connector for Siebel | Core (Apache Log4j) | Yes | 9.8 | 10.4.6 |
| CVE-2017-5645 | Oracle Policy Automation for Mobile Devices | Core (Apache Log4j) | Yes | 9.8 | 10.4.7, 12.1.0, 12.1.1, 12.2.0, 12.2.1, 12.2.2, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8, 12.2.9, 12.2.10 |
| CVE-2017-5645 | Oracle Retail Clearance Optimization Engine | General Application (Apache Log4j) | Yes | 9.8 | 14.0.5 |
| CVE-2017-5645 | Oracle Retail Financial Integration | PeopleSoft Integration Bugs (Apache Log4j) | Yes | 9.8 | 13.2.x, 14.0.x, 14.1.x, 15.0.x, 16.0.x, 16.0.x |
| CVE-2017-5645 | Oracle Retail Integration Bus | RIB Kernal (Apache Log4j) | Yes | 9.8 | 12.0.x, 13.0.x, 13.1.x, 13.2.x, 14.0.0 14.1.0, 15.0, 16.0 |
| CVE-2017-5645 | Oracle Retail Predictive Application Server | RPAS Fusion Client (Apache Log4j) | Yes | 9.8 | 15.0.3 |
| CVE-2017-5645 | Oracle Retail Service Backbone | Install (Apache Log4j) | Yes | 9.8 | 14.0.x, 14.1.x, 15.0.x, 16.0.x |
| CVE-2017-5645 | Oracle Retail Service Layer | Installation (Apache Log4j) | Yes | 9.8 | 12.0.x, 13.0.x, 13.1.x, 13.2.x, 14.0.x |
| CVE-2017-5645 | Oracle AutoVue VueLink Integration | Installation Issues (Apache Log4j) | Yes | 9.8 | 21.0.0, 21.0.1 |
| CVE-2017-5645 | Oracle Utilities Network Management System | Logging (Apache Log4j) | Yes | 9.8 | 1.12.x, 2.3.x |
| CVE-2017-5645 | Oracle Utilities Work and Asset Management | Logging (Apache Log4j) | Yes | 9.8 | 1.9.1.2.12 |
July 2018 – SAP Security Patch Day
According to Panorama Consulting, the average implementation costs for SAP and Oracle both increased while competitor implementation costs decreased. But regarding to cyber security, all the products do not have differences. Yes, it is do the patch management and update.
SAP Security Patch Day – July 2018
SAP businessobjects business intelligence suite :
CVE-2018-2432,CVE-2018-2427 and CVE-2018-2431
SAP gateway:
CVE-2018-2433
SAP internet graphics server :
CVE-2018-2437,CVE-2018-2439 and CVE-2018-2438
SAP netweaver :
CVE-2018-2435 and CVE-2018-2434
SAP r/3 enterprise retail :
CVE-2018-2436
Should you have interested, please see official hyperlink for reference.
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000
9th Jul 2018 – Total 329 ethereum tokens vulnerable for integer overflow
More ethereum tokens now involves into a bug and causes jeopardize the reputation. So called integer overflow, a design limitation allows the owner of the contract to set the balance of an arbitrary user to any value.
Reference resource (Hyperlink) – see below:
https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
The status last week (9th July 2018) shown that there are total 329 ethereum tokens are vulnerable for integer overflow (refer Table A). A proof of concept let software developer know SafeMath is able to help (remediate the risk interger overflow vulnerability). I am not going to repeat the details again. For more, please refer below article for reference.
Integer overflow weakness similar kill the Ethereum. But SafeMath to protect from overflows.
Table A – vulnerability checklist
| ethereum — ablgenesistoken | The mintToken function of a smart contract implementation for ABLGenesisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13741 |
| ethereum — airdroppercryptics_token | The mintToken function of a smart contract implementation for AirdropperCryptics, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13623 |
| ethereum — aluxtoken | The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13533 |
| ethereum — aman_token | The mintToken function of a smart contract implementation for aman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13515 |
| ethereum — amtoken | The mintToken function of a smart contract implementation for AMToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13600 |
| ethereum — anovabace_token | The mintToken function of a smart contract implementation for AnovaBace, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13737 |
| ethereum — antoken | The mintToken function of a smart contract implementation for Antoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13720 |
| ethereum — app_token | The mintToken function of a smart contract implementation for APP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13661 |
| ethereum — appletoken | The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13776 |
| ethereum — archain_token | The mintToken function of a smart contract implementation for ARChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13606 |
| ethereum — archercoin_token | The mintToken function of a smart contract implementation for archercoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13608 |
| ethereum — azttoken | The mintToken function of a smart contract implementation for AZTToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13734 |
| ethereum — bcaas_token | The mintToken function of a smart contract implementation for BCaaS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13665 |
| ethereum — bcxss_token | The mintToken function of a smart contract implementation for Bcxss, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13539 |
| ethereum — betterthanadrien_token | The mintToken function of a smart contract implementation for BetterThanAdrien, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13529 |
| ethereum — beyondcashtoken | The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13471 |
| ethereum — bgamecoin_token | The mintToken function of a smart contract implementation for Bgamecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13551 |
| ethereum — bgc_token | The mintToken function of a smart contract implementation for BGC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13648 |
| ethereum — bigcadvancedtoken | The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13759 |
| ethereum — billionrewardstoken | The mint function of a smart contract implementation for BillionRewardsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13660 |
| ethereum — biqutoken | The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13764 |
| ethereum — bitcoinagiletoken | The mintToken function of a smart contract implementation for BitcoinAgileToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13485 |
| ethereum — bitedutoken | The mintToken function of a smart contract implementation for BiteduToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13719 |
| ethereum — bitmaxertoken | The mintToken function of a smart contract implementation for BitmaxerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13650 |
| ethereum — bitpark_token | The mintToken function of a smart contract implementation for Bitpark, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13638 |
| ethereum — bitstarti_token | The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13774 |
| ethereum — bitstore_token | The mintToken function of a smart contract implementation for BitStore, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13595 |
| ethereum — bmvcoin_token | The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13562 |
| ethereum — bpstoken | The mintToken function of a smart contract implementation for BpsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13715 |
| ethereum — briancoin_token | The mintToken function of a smart contract implementation for BrianCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13659 |
| ethereum — briant2token | The mintToken function of a smart contract implementation for Briant2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13603 |
| ethereum — bsctoken | The mintToken function of a smart contract implementation for BSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13663 |
| ethereum — btpcoin_token | The mintToken function of a smart contract implementation for BTPCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13668 |
| ethereum — buyertoken | The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13470 |
| ethereum — buytoken | The mintToken function of a smart contract implementation for Order (ETH) (Contract Name: BuyToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13708 |
| ethereum — c3_token | The mintToken function of a smart contract implementation for C3 Token (C3), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13517 |
| ethereum — captoz_token | The mintToken function of a smart contract implementation for CAPTOZ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13617 |
| ethereum — cardfactory_token | The mintToken function of a smart contract implementation for CardFactory, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13594 |
| ethereum — cardtoken | The mintToken function of a smart contract implementation for CardToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13593 |
| ethereum — carrot_token | The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13491 |
| ethereum — cartoken | The mintToken function of a smart contract implementation for CarToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13748 |
| ethereum — cavecoin_token | The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13468 |
| ethereum — cbrtoken | The mintToken function of a smart contract implementation for CBRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13484 |
| ethereum — ccash_token | The mintToken function of a smart contract implementation for CCASH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13546 |
| ethereum — cdcurrency_token | The mintToken function of a smart contract implementation for CDcurrency, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13611 |
| ethereum — cerb_coin_token | The mintToken function of a smart contract implementation for CERB_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13703 |
| ethereum — cgctoken | The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13778 |
| ethereum — cherrycoin_token | The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13585 |
| ethereum — cherrycoinfoundation_token | The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13756 |
| ethereum — cikkacoin_token | The mintToken function of a smart contract implementation for CikkaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13637 |
| ethereum — cjxtoken | The mintToken function of a smart contract implementation for CJXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13689 |
| ethereum — cloutoken | The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13472 |
| ethereum — cm_token | The mintToken function of a smart contract implementation for CM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13714 |
| ethereum — co2bit_token | The mintToken function of a smart contract implementation for Co2Bit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13565 |
| ethereum — cobtoken | The mintToken function of a smart contract implementation for COBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13497 |
| ethereum — code47_token | The mintToken function of a smart contract implementation for Code47 (C47), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13588 |
| ethereum — coinquer_token | The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13757 |
| ethereum — combilladvancedtoken | The mintToken function of a smart contract implementation for ComBillAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13674 |
| ethereum — con0217_token | The mintToken function of a smart contract implementation for CON0217, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13613 |
| ethereum — coquinho_coin_token | The mintToken function of a smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13550 |
| ethereum — corellicoin_token | The mintToken function of a smart contract implementation for CorelliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13511 |
| ethereum — cornerstone_token | The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13767 |
| ethereum — cosmotokenerc20_token | The mintToken function of a smart contract implementation for COSMOTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13556 |
| ethereum — crimsonshilling_token | The mintToken function of a smart contract implementation for CrimsonShilling, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13629 |
| ethereum — crowdnext_token | The mintToken function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13744 |
| ethereum — crowdsale_token | The mintToken function of a smart contract implementation for Crowdsale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13499 |
| ethereum — crypto_alley_shares_token | The mintToken function of a smart contract implementation for Crypto Alley Shares (CAST), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13488 |
| ethereum — cryptoleu_token | The mintToken function of a smart contract implementation for CryptoLeu, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13541 |
| ethereum — cryptosistoken | The mintToken function of a smart contract implementation for CryptosisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13754 |
| ethereum — crystals_token | The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13466 |
| ethereum — csatoken | The mintToken function of a smart contract implementation for CSAToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13609 |
| ethereum — ctesale_token | The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13477 |
| ethereum — ctest7_token | The mint function of a smart contract implementation for CTest7, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13695 |
| ethereum — cws_token | The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13664 |
| ethereum — daddytoken | The mintToken function of a smart contract implementation for DaddyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13493 |
| ethereum — databits_token | The mintToken function of a smart contract implementation for Databits, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13711 |
| ethereum — datashieldcoin_token | The mintToken function of a smart contract implementation for DataShieldCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13574 |
| ethereum — datiac_token | The mintToken function of a smart contract implementation for Datiac, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13646 |
| ethereum — dectoken | The mintToken function of a smart contract implementation for DECToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13587 |
| ethereum — deploy_token | The mintToken function of a smart contract implementation for Deploy, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13649 |
| ethereum — destineed_token | The mintToken function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13699 |
| ethereum — deweisecurityservicetoken | The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13753 |
| ethereum — dhacoin_token | The mintToken function of a smart contract implementation for DhaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13528 |
| ethereum — digitalcloudtoken | The mint function of a smart contract implementation for DigitalCloudToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13519 |
| ethereum — dinsteincoin_token | The mintToken function of a smart contract implementation for DinsteinCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13671 |
| ethereum — dmptoken | The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13478 |
| ethereum — doccoin_token | The mintToken function of a smart contract implementation for doccoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13631 |
| ethereum — doccoinpreico_token | The mintToken function of a smart contract implementation for DoccoinPreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13630 |
| ethereum — dopnetwork_token | The mintToken function of a smart contract implementation for dopnetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13739 |
| ethereum — eastcoin_token | The mintToken function of a smart contract implementation for Eastcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13727 |
| ethereum — easticoin_token | The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13766 |
| ethereum — ecogreenhouse_token | The mintToken function of a smart contract implementation for ecogreenhouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13505 |
| ethereum — eddtoken | The mintToken function of a smart contract implementation for eddToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13704 |
| ethereum — elearningcoinerc_token | The mintToken function of a smart contract implementation for ELearningCoinERC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13736 |
| ethereum — elevatecoin_token | The mintToken function of a smart contract implementation for ElevateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13527 |
| ethereum — enter_token | The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13735 |
| ethereum — entercoin_token | The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13782 |
| ethereum — epiphanycoin_token | The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13467 |
| ethereum — erc20_ico_token | The mintToken function of a smart contract implementation for ERC20_ICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13536 |
| ethereum — eristicaico_token | The mintToken function of a smart contract implementation for EristicaICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13666 |
| ethereum — escut_token | The mintToken function of a smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13576 |
| ethereum — esh_token | The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13780 |
| ethereum — esportz_token | The mintToken function of a smart contract implementation for esportz, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13514 |
| ethereum — essence_token | The mintToken function of a smart contract implementation for Essence, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13702 |
| ethereum — eststoken | The mintToken function of a smart contract implementation for ESTSToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13654 |
| ethereum — eth033_token | The mintToken function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13561 |
| ethereum — ethercash_token | The mintToken function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13482 |
| ethereum — ethereumlegit_token | The mintToken function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13537 |
| ethereum — ethereumsmart_token | The mintToken function of a smart contract implementation for EthereumSmart, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13640 |
| ethereum — exacorecontract_token | The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13771 |
| ethereum — exgroup_token | The mintToken function of a smart contract implementation for EXGROUP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13522 |
| ethereum — exsulcoin_token | The mintToken function of a smart contract implementation for exsulcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13683 |
| ethereum — extremetoken | The mintToken function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13605 |
| ethereum — fanschaintoken | The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13474 |
| ethereum — film_token | The mintToken function of a smart contract implementation for FILM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13490 |
| ethereum — finaltoken | The mintToken function of a smart contract implementation for FinalToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13749 |
| ethereum — fiocoin_token | The mintToken function of a smart contract implementation for Fiocoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13645 |
| ethereum — flow_token | The mintToken function of a smart contract implementation for Flow, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13525 |
| ethereum — forevercoin_token | The mintToken function of a smart contract implementation for ForeverCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13579 |
| ethereum — futurxe_token | The mintToken function of a smart contract implementation for FuturXe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13718 |
| ethereum — galacticx_token | The mintToken function of a smart contract implementation for GalacticX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13601 |
| ethereum — galaxycoin_token | The mintToken function of a smart contract implementation for GalaxyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13578 |
| ethereum — gatcoin_token | The mintToken function of a smart contract implementation for GATcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13564 |
| ethereum — gcrtokenerc210_token | The mintToken function of a smart contract implementation for GCRTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13643 |
| ethereum — gemstonetoken | The mintToken function of a smart contract implementation for GemstoneToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13543 |
| ethereum — gfc_token | The mintToken function of a smart contract implementation for GFC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13655 |
| ethereum — gfcb_token | The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13670 |
| ethereum — globalsupergametoken | The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13725 |
| ethereum — globecoin_token | An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-14004 |
| ethereum — gmile_token | The mintToken function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13694 |
| ethereum — goldtokenerc20_token | The mintToken function of a smart contract implementation for GoldTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13673 |
| ethereum — gomineworld_token | The mintToken function of a smart contract implementation for GoMineWorld, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13721 |
| ethereum — goochain_token | The mintToken function of a smart contract implementation for Goochain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13677 |
| ethereum — goramcoin_token | The mintToken function of a smart contract implementation for GoramCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13571 |
| ethereum — greenenergytoken | The mintToken function of a smart contract implementation for GreenEnergyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13693 |
| ethereum — gsi_token | The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13540 |
| ethereum — hashshield_token | The mintToken function of a smart contract implementation for HashShield, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13545 |
| ethereum — hbcm_token | The mintToken function of a smart contract implementation for HBCM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13635 |
| ethereum — heliumnetwork_token | The mintToken function of a smart contract implementation for HeliumNetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13502 |
| ethereum — help_token | The mintToken function of a smart contract implementation for HELP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13486 |
| ethereum — hey_token | The mintToken function of a smart contract implementation for HEY, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13730 |
| ethereum — hittoken | The mintToken function of a smart contract implementation for HitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13569 |
| ethereum — hormitechtoken | The mintToken function of a smart contract implementation for HormitechToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13717 |
| ethereum — hrwtoken | The mintToken function of a smart contract implementation for HRWtoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13501 |
| ethereum — huntercoin_token | The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13530 |
| ethereum — hyipcrowdsale1_token | The mint function of a smart contract implementation for HYIPCrowdsale1, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13724 |
| ethereum — hyiptoken | The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13722 |
| ethereum — iamrich_token | The mintToken function of a smart contract implementation for IamRich, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13509 |
| ethereum — ico_dollar_token | The mintToken function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13686 |
| ethereum — icocontract_token | The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13469 |
| ethereum — ideacoin_token | The mintToken function of a smart contract implementation for IdeaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13706 |
| ethereum — instacocoa_token | The mintToken function of a smart contract implementation for Instacocoa, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13690 |
| ethereum — ioct_coin_token | The mintToken function of a smart contract implementation for IOCT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13616 |
| ethereum — ipmcoin_token | The mintToken function of a smart contract implementation for IPMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13700 |
| ethereum — ipshoots_token | The mintToken function of a smart contract implementation for ipshoots, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13653 |
| ethereum — iseevoicetoken | The mintToken function of a smart contract implementation for ISeeVoiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13726 |
| ethereum — jaxbox_token | The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13555 |
| ethereum — jeanstoken | The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13769 |
| ethereum — jiucaitoken | The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13783 |
| ethereum — jixocoin_token | The mintToken function of a smart contract implementation for JixoCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13728 |
| ethereum — jpmd100b_token | The mintToken function of a smart contract implementation for JPMD100B, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13729 |
| ethereum — justwallet_token | The mintToken function of a smart contract implementation for JustWallet, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13751 |
| ethereum — kapaycoin_token | The mintToken function of a smart contract implementation for KAPAYcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13498 |
| ethereum — kapcoin_token | The mintToken function of a smart contract implementation for KAPcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13591 |
| ethereum — kbit_token | The mintToken function of a smart contract implementation for kBit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13746 |
| ethereum — kelvintoken | The mintToken function of a smart contract implementation for KelvinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13560 |
| ethereum — kissme_token | The mintToken function of a smart contract implementation for KissMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13701 |
| ethereum — kktestcoin1_token | The mint function of a smart contract implementation for kkTestCoin1 (KTC1), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13570 |
| ethereum — kmctoken | The mintToken function of a smart contract implementation for KMCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13495 |
| ethereum — krown_token | The mintlvlToken function of a smart contract implementation for Krown, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13625 |
| ethereum — landcoin_token | The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13765 |
| ethereum — lexittoken | The mintToken function of a smart contract implementation for LexitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13680 |
| ethereum — lolicoin_token | The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13758 |
| ethereum — lottery_token | The mintToken function of a smart contract implementation for Lottery, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13678 |
| ethereum — malaysia_coins_token | An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-14005 |
| ethereum — malltoken | The mintToken function of a smart contract implementation for MallToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13688 |
| ethereum — martcoin_token | The mintToken function of a smart contract implementation for Martcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13633 |
| ethereum — mavcash_token | The mintToken function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13614 |
| ethereum — maxhouse_token | The mintToken function of a smart contract implementation for MaxHouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13531 |
| ethereum — mediacubetoken | The mintToken function of a smart contract implementation for MediaCubeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13634 |
| ethereum — medicayunlink_token | The mintToken function of a smart contract implementation for MedicayunLink, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13610 |
| ethereum — mehditazitoken | The mintToken function of a smart contract implementation for MehdiTAZIToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13692 |
| ethereum — micoinnetworktoken | The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13651 |
| ethereum — micointoken | The mintToken function of a smart contract implementation for MicoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13619 |
| ethereum — micro_btc_token | The mintToken function of a smart contract implementation for Micro BTC (MBTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13553 |
| ethereum — mimicoin_token | The mintToken function of a smart contract implementation for Mimicoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13548 |
| ethereum — mindexcoin_token | The mintToken function of a smart contract implementation for Mindexcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13532 |
| ethereum — miningtoken | The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13602 |
| ethereum — mjctoken | The mintToken function of a smart contract implementation for MJCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13615 |
| ethereum — mjolnir_token | The mintToken function of a smart contract implementation for Mjolnir, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13710 |
| ethereum — mkethtoken | The mintToken function of a smart contract implementation for mkethToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13483 |
| ethereum — mktcoin_token | The mintToken function of a smart contract implementation for MktCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13568 |
| ethereum — mmcoin_token | The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13504 |
| ethereum — momentumtoken | The mintToken function of a smart contract implementation for MomentumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13628 |
| ethereum — moneychainnet_token | The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13760 |
| ethereum — moneytree_token | The mintToken function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13554 |
| ethereum — mooadvtoken | The mintToken function of a smart contract implementation for MooAdvToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13589 |
| ethereum — moontoken | The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13462 |
| ethereum — mp3_coin_token | An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-14002 |
| ethereum — msxadvanced_token | The mintToken function of a smart contract implementation for MSXAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13500 |
| ethereum — mvgcoin_token | The mintToken function of a smart contract implementation for MVGcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13641 |
| ethereum — my2token | The mintToken function of a smart contract implementation for My2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13582 |
| ethereum — myoffer_token | The mintToken function of a smart contract implementation for MyOffer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13627 |
| ethereum — myylc_token | The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13781 |
| ethereum — naga_token | The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13492 |
| ethereum — ncu_token | The mintToken function of a smart contract implementation for NCU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13669 |
| ethereum — nectar_token | The mintToken function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13586 |
| ethereum — neo_genesis_token | An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-14006 |
| ethereum — netkilleradvancedtokenairdrop_token | The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13761 |
| ethereum — netkillertoken | The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13773 |
| ethereum — neurotoken | The mintToken function of a smart contract implementation for NeuroToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13549 |
| ethereum — nexpara_token | The mintToken function of a smart contract implementation for NEXPARA, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13632 |
| ethereum — normikaivo_token | The mintToken function of a smart contract implementation for normikaivo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13687 |
| ethereum — numisma_token | The mintToken function of a smart contract implementation for Numisma, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13544 |
| ethereum — objecttoken | The mintToken function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13622 |
| ethereum — obtcoin_token | The mintToken function of a smart contract implementation for OBTCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13672 |
| ethereum — ohni_2_token | The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13473 |
| ethereum — olliscoin_token | The mintToken function of a smart contract implementation for OllisCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13489 |
| ethereum — onechain_token | The mintToken function of a smart contract implementation for OneChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13740 |
| ethereum — orderbook_presale_token | The mintToken function of a smart contract implementation for Orderbook Presale Token (OBP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13676 |
| ethereum — otakutoken | The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13755 |
| ethereum — paccoin_token | The mintToken function of a smart contract implementation for PACCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13535 |
| ethereum — paulycoin_token | The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13465 |
| ethereum — pelocointoken | The mintToken function of a smart contract implementation for PELOCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13738 |
| ethereum — pgm_coin_token | The mintToken function of a smart contract implementation for PGM_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13572 |
| ethereum — philcoin_token | The mintToken function of a smart contract implementation for PhilCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13476 |
| ethereum — pinkytoken | The mintToken function of a smart contract implementation for PinkyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13521 |
| ethereum — platotoken | The mintToken function of a smart contract implementation for PlatoToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13487 |
| ethereum — play2livepromo_token | The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13698 |
| ethereum — pmet_token | The mintToken function of a smart contract implementation for PMET, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13712 |
| ethereum — pmhtoken | The mintToken function of a smart contract implementation for PMHToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13705 |
| ethereum — porncoin_token | The mintToken function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13524 |
| ethereum — projectj_token | The mintToken function of a smart contract implementation for ProjectJ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13733 |
| ethereum — providence_crypto_casino_token | The mintToken function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13547 |
| ethereum — providencecasino_token | The mintToken function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13580 |
| ethereum — qrg_token | The mintToken function of a smart contract implementation for QRG, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13480 |
| ethereum — rajtest_token | The mintToken function of a smart contract implementation for RajTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13592 |
| ethereum — rajtestico_token | The mintToken function of a smart contract implementation for RajTestICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13496 |
| ethereum — rckt_coin_token | The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13775 |
| ethereum — redticket_token | The mintToken function of a smart contract implementation for RedTicket, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13696 |
| ethereum — remicoin_token | An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks. | CVE-2018-12230 |
| ethereum — residualshare_token | The mintToken function of a smart contract implementation for ResidualShare, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13607 |
| ethereum — residualvalue_token | The mintToken function of a smart contract implementation for ResidualValue, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13599 |
| ethereum — retntoken | The mintToken function of a smart contract implementation for RETNToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13566 |
| ethereum — rhovit_token | The mintToken function of a smart contract implementation for rhovit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13558 |
| ethereum — rice_token | The mintToken function of a smart contract implementation for Rice, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13657 |
| ethereum — richiumtoken | The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13750 |
| ethereum — riptidecoin_token | The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13732 |
| ethereum — robincoin_token | The mintToken function of a smart contract implementation for Robincoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13612 |
| ethereum — robotbtc_token | The mintToken function of a smart contract implementation for RobotBTC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13697 |
| ethereum — rocket_coin_token | An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-13836 |
| ethereum — royalclassiccoin_token | The mintToken function of a smart contract implementation for RoyalClassicCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13644 |
| ethereum — rrtoken | The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13777 |
| ethereum — rtokenmain_token | The mintToken function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13691 |
| ethereum — sample_token | The mintToken function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13656 |
| ethereum — sdr22_token | The mintToken function of a smart contract implementation for SDR22, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13506 |
| ethereum — sdr_token | The mintToken function of a smart contract implementation for SDR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13567 |
| ethereum — secoin_token | The mintToken function of a smart contract implementation for SECoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13642 |
| ethereum — semaintoken | The mintToken function of a smart contract implementation for SemainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13626 |
| ethereum — sendme_token | The mintToken function of a smart contract implementation for SendMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13598 |
| ethereum — sexhdsolo_token | The mintToken function of a smart contract implementation for sexhdsolo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13716 |
| ethereum — sharktech_token | An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-14001 |
| ethereum — shitcoin_token | The mintToken function of a smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13577 |
| ethereum — shmoo_token | The mintToken function of a smart contract implementation for Shmoo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13583 |
| ethereum — sipcoin_token | The mintToken function of a smart contract implementation for SIPCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13590 |
| ethereum — sipctoken | The mintToken function of a smart contract implementation for SIPCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13538 |
| ethereum — slcadvancedtoken | The mintToken function of a smart contract implementation for SLCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13507 |
| ethereum — slidebitstoken | The mintToken function of a smart contract implementation for SlidebitsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13479 |
| ethereum — smart_contract_implementation_for_tickets_token | The mintToken function of a smart contract implementation for tickets (TKT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13742 |
| ethereum — smarthomecoin_token | The mintToken function of a smart contract implementation for SmartHomeCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13512 |
| ethereum — smartpayment_token | The mintToken function of a smart contract implementation for SmartPayment, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13523 |
| ethereum — soscoin_token | The mintToken function of a smart contract implementation for SOSCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13681 |
| ethereum — soundtribetoken | The mintToken function of a smart contract implementation for SoundTribeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13621 |
| ethereum — south_park_token | The mintToken function of a smart contract implementation for South Park Token Token (SPTKN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13503 |
| ethereum — speedcashlite_token | The mintToken function of a smart contract implementation for SpeedCashLite (SCSL), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13534 |
| ethereum — stctoken | The mintToken function of a smart contract implementation for STCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13745 |
| ethereum — super_cool_awesome_money_token | The mintToken function of a smart contract implementation for Super Cool Awesome Money (SCAM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13516 |
| ethereum — superenergy_token | The mintToken function of a smart contract implementation for SuperEnergy (SEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13743 |
| ethereum — susantokenerc20_token | The mintToken function of a smart contract implementation for SusanTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13494 |
| ethereum — t-swap-token | The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13463 |
| ethereum — t_swap_token | The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13464 |
| ethereum — tcash_token | The mintToken function of a smart contract implementation for TCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13518 |
| ethereum — testahihi_token | The mintToken function of a smart contract implementation for TESTAhihi, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13596 |
| ethereum — testcoin_token | The mintToken function of a smart contract implementation for testcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13597 |
| ethereum — theflashtoken | The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13772 |
| ethereum — thegodgital_token | The mintToken function of a smart contract implementation for TheGoDgital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13658 |
| ethereum — thegodigital_token | The mintToken function of a smart contract implementation for TheGoDigital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13652 |
| ethereum — thread_token | The mintToken function of a smart contract implementation for Thread, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13752 |
| ethereum — tokenmachu_token | The mintToken function of a smart contract implementation for TokenMACHU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13731 |
| ethereum — topscoinadvanced_token | The mintToken function of a smart contract implementation for TopscoinAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13520 |
| ethereum — trabet_coin_preico_token | The mintToken function of a smart contract implementation for Trabet_Coin_PreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13552 |
| ethereum — trabet_coin_token | The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13557 |
| ethereum — tradesman_token | The mintToken function of a smart contract implementation for Tradesman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13713 |
| ethereum — travelcoin_token | The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13581 |
| ethereum — tripcash_token | The mintToken function of a smart contract implementation for TripCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13620 |
| ethereum — trippay_token | The mintToken function of a smart contract implementation for TripPay, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13573 |
| ethereum — trium_token | The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13481 |
| ethereum — truegoldcointoken | The mintToken function of a smart contract implementation for TrueGoldCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13647 |
| ethereum — tube_token | The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13709 |
| ethereum — turdcoin_token | The mintToken function of a smart contract implementation for TurdCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13636 |
| ethereum — ubiou_token | The mintToken function of a smart contract implementation for Ubiou, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13513 |
| ethereum — ublasti_token | The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13763 |
| ethereum — ultimatecoin_token | The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13770 |
| ethereum — upaytoken | The mintToken function of a smart contract implementation for UPayToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13563 |
| ethereum — utbtokentest_token | The mintToken function of a smart contract implementation for UTBTokenTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13667 |
| ethereum — utct_token | The mintToken function of a smart contract implementation for UTCT, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13559 |
| ethereum — vanminhcoin_token | The mintToken function of a smart contract implementation for VanMinhCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13747 |
| ethereum — vicetoken_ico_is_a_scam_token | The mintToken function of a smart contract implementation for VICETOKEN_ICO_IS_A_SCAM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13618 |
| ethereum — virtual_energy_units_token | The mintToken function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13639 |
| ethereum — vitemoneycoin_token | The mintToken function of a smart contract implementation for ViteMoneyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13682 |
| ethereum — vittoken | The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13508 |
| ethereum — vornox_token | The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13685 |
| ethereum — vsctoken | The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13475 |
| ethereum — wangwangtoken | The mintToken function of a smart contract implementation for WangWangToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13526 |
| ethereum — welfare_token_fund_token | The mintToken function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13510 |
| ethereum — wellieat_token | The mintToken function of a smart contract implementation for wellieat, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13604 |
| ethereum — wemediachain_token | An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user’s balance. | CVE-2018-14003 |
| ethereum — worldopctionchain_token | The mintToken function of a smart contract implementation for WorldOpctionChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13662 |
| ethereum — wxsltoken | The mintToken function of a smart contract implementation for WXSLToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13624 |
| ethereum — yambyo_token | The mintToken function of a smart contract implementation for YAMBYO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13675 |
| ethereum — yasudem_token | The mintToken function of a smart contract implementation for yasudem, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13584 |
| ethereum — yestoken | The mintToken function of a smart contract implementation for YESToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13575 |
| ethereum — ylctoken | The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13779 |
| ethereum — yss_token | The mintToken function of a smart contract implementation for YSS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13707 |
| ethereum — yumerium_token | The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13762 |
| ethereum — zibtoken | The mintToken function of a smart contract implementation for ZIBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13542 |
| ethereum — zip_token | The mintToken function of a smart contract implementation for ZIP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13684 |
| ethereum — zpecoin_token | The mintToken function of a smart contract implementation for ZPEcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13679 |
| ethereum — ztoken | The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | CVE-2018-13768 |
Node.js hits arbitrary command injection (CVE-2018-13797)
Node.js framework become popular today. Node.js can build the application on ethereum (cryptocurrency). Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient. Node.js’ package ecosystem, npm, is the largest ecosystem of open source libraries in the world.
Meanwhile, npm is a package manager for the JavaScript programming language. It is the default package manager for the JavaScript runtime environment Node.js. Software developers must stay alert on CVE-2018-13797. Should you have interested, please refer below:
Fixes arbitrary command injection by using execFile instead of exec:
https://github.com/scravy/node-macaddress/commit/358fd594adb196a86b94ac9c691f69fe5dad2332