The mintToken function of a smart contract implementation for AssetToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The mintToken function of a smart contract implementation for CryptonitexCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The mintToken function of a smart contract implementation for bonusToken (BNS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The mintToken function of a smart contract implementation for GEMCHAIN (GEM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An issue was discovered on Diqee Diqee360 devices. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
An issue was discovered on Dongguan Diqee Diqee360 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.
The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for CoinToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for GreenMed (GRMD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for MyToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow in which "amount *. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sellBuyerTokens function of a smart contract implementation for SwapToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for TiTok - Ticket Token (Contract Name: MyAdvancedToken7), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for DateMe (DMX) (Contract Name: ProgressiveToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for STeX Exchange ICO (STE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The sell function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.