Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-13178

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Jul, 2018 | 02:00
Updated At-05 Aug, 2024 | 08:52
Rejected At-
Credits

The mintToken function of a smart contract implementation for ECToints (ECT) (Contract Name: ECPoints), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
ā–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Jul, 2018 | 02:00
Updated At:05 Aug, 2024 | 08:52
Rejected At:
ā–¼CVE Numbering Authority (CNA)

The mintToken function of a smart contract implementation for ECToints (ECT) (Contract Name: ECPoints), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
x_refsource_MISC
https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ECPoints
x_refsource_MISC
Hyperlink: https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
Resource:
x_refsource_MISC
Hyperlink: https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ECPoints
Resource:
x_refsource_MISC
ā–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
x_refsource_MISC
x_transferred
https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ECPoints
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ECPoints
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
ā–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Jul, 2018 | 02:29
Updated At:03 Oct, 2019 | 13:30

The mintToken function of a smart contract implementation for ECToints (ECT) (Contract Name: ECPoints), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
ecpoints_project
ecpoints_project
>>ecpoints>>-
cpe:2.3:a:ecpoints_project:ecpoints:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.mdcve@mitre.org
Exploit
Third Party Advisory
https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ECPointscve@mitre.org
Third Party Advisory
Hyperlink: https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ECPoints
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

481Records found
CVE-2018-13551
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for Bgamecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-bgamecoin_projectn/a
Product-bgamecoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13197
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sell function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

Action-Not Available
Vendor-welfare_token_fund_projectn/a
Product-welfare_token_fundn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13679
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for ZPEcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-zpecoin_projectn/a
Product-zpecoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13703
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for CERB_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-cerb_coin_projectn/a
Product-cerb_coinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13668
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for BTPCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-btpcoin_projectn/a
Product-btpcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13636
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for TurdCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-turdcoin_projectn/a
Product-turdcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13566
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for RETNToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-retainlyn/a
Product-retntokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13478
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-airbridgen/a
Product-dmptokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13501
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for HRWtoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-hrwtoken_projectn/a
Product-hrwtokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13770
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-ultimatecoin_projectn/a
Product-ultimatecoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13590
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for SIPCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-sipcoinn/a
Product-sipcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13325
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 18:00
Updated-17 Sep, 2024 | 01:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.

Action-Not Available
Vendor-boodskapn/a
Product-growchainn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13555
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-jaxbox_projectn/a
Product-jaxboxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13709
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-diytubecoin_projectn/a
Product-diytubecoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13128
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-04 Jul, 2018 | 00:00
Updated-17 Sep, 2024 | 02:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.

Action-Not Available
Vendor-ethertyn/a
Product-etherty_tokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13695
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mint function of a smart contract implementation for CTest7, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-ctest7_projectn/a
Product-ctest7n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13753
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-deweisecurityservicetoken_projectn/a
Product-deweisecurityservicetokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13577
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-advancedshit_projectn/a
Product-advancedshitn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13069
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-02 Jul, 2018 | 23:00
Updated-16 Sep, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-dychain_projectn/a
Product-dychainn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13221
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sell function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

Action-Not Available
Vendor-extreme_coin_projectn/a
Product-extreme_coinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13595
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for BitStore, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-bitstore_projectn/a
Product-bitstoren/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13129
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-04 Jul, 2018 | 00:00
Updated-16 Sep, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.

Action-Not Available
Vendor-sp8den/a
Product-sp8den/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13599
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for ResidualValue, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-residualvalue_projectn/a
Product-residualvaluen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13605
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-extremetoken_projectn/a
Product-extremetokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13072
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-02 Jul, 2018 | 23:00
Updated-16 Sep, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for Coffeecoin (COFFEE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-coffeecoin_projectn/a
Product-coffeecoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13729
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for JPMD100B, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-jpmd100b_projectn/a
Product-jpmd100bn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13166
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for AthletiCoin (ATHA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-athleticoin_projectn/a
Product-athleticoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13664
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-cws_projectn/a
Product-cwsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13498
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for KAPAYcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-kapaycoin_projectn/a
Product-kapaycoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13469
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-icocontract_projectn/a
Product-icocontractn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13172
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for bzxcoin (BZX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-bzxcoin_projectn/a
Product-bzxcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-paulycoin_projectn/a
Product-paulycoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13578
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for GalaxyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-galaxycoin_projectn/a
Product-galaxycoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13467
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-epnexn/a
Product-epiphanycoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13222
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

Action-Not Available
Vendor-objectledgern/a
Product-objecttokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for Antoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-landcoin_projectn/a
Product-landcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12511
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-21 Sep, 2018 | 17:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily.

Action-Not Available
Vendor-substratumn/a
Product-substratumn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12068
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2018 | 11:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

Action-Not Available
Vendor-tgtcoinsn/a
Product-target_coinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-29219
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.93%
||
7 Day CHG~0.00%
Published-24 May, 2022 | 14:15
Updated-23 Apr, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow in Lodestar

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted `AttesterSlashing` or `ProposerSlashing` being included on-chain. Because the developers represent `uint64` values as native javascript `number`s, there is an issue when those variables with large (greater than 2^53) `uint64` values are included on chain. In those cases, Lodestar may view valid_`AttesterSlashing` or `ProposerSlashing` as invalid, due to rounding errors in large `number` values. This causes a consensus split, where Lodestar nodes are forked away from the main network. Similarly, Lodestar may consider invalid `ProposerSlashing` as valid, thus including in proposed blocks that will be considered invalid by the network. Version 0.36.0 contains a fix for this issue. As a workaround, use `BigInt` to represent `Slot` and `Epoch` values in `AttesterSlashing` and `ProposerSlashing` objects. `BigInt` is too slow to be used in all `Slot` and `Epoch` cases, so one may carefully use `BigInt` just where necessary for consensus.

Action-Not Available
Vendor-chainsafeChainSafe
Product-lodestarlodestar
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2018 | 11:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

Action-Not Available
Vendor-swftn/a
Product-swftcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-10706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 17:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue.

Action-Not Available
Vendor-social-chainn/a
Product-social_chainn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-10973
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 17:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.

Action-Not Available
Vendor-koreashow_projectn/a
Product-koreashown/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11446
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2018 | 11:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tradeTrap" issue.

Action-Not Available
Vendor-gold_reward_projectn/a
Product-gold_rewardn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-10921
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 41.80%
||
7 Day CHG~0.00%
Published-02 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain input files may trigger an integer overflow in ttembed input file processing. This overflow could potentially lead to corruption of the input file due to a lack of checking return codes of fgetc/fputc function calls.

Action-Not Available
Vendor-ttembed_project[UNKNOWN]
Product-ttembedttembed
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-18666
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.30%
||
7 Day CHG~0.00%
Published-28 Dec, 2018 | 17:00
Updated-05 Aug, 2024 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-swftn/a
Product-swftcoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-45854
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.16%
||
7 Day CHG~0.00%
Published-16 Sep, 2024 | 00:00
Updated-20 Sep, 2024 | 12:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.

Action-Not Available
Vendor-n/ashopkit_project
Product-n/ashopkit
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13071
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-02 Jul, 2018 | 23:00
Updated-17 Sep, 2024 | 01:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-ccindextoken_projectn/a
Product-ccindextokenn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-13473
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 06:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Action-Not Available
Vendor-ohni_projectn/a
Product-ohnin/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-14002
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 15:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance.

Action-Not Available
Vendor-mp3_coin_projectn/a
Product-mp3_coinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-14005
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.48%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 15:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance.

Action-Not Available
Vendor-malaysiancoin_projectn/a
Product-malaysiancoinn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found