The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2018-13177 | The mintToken function of a smart contract implementation for MiningRigRentals Token (MRR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Oct 7, 2019 |
CVE-2018-13176 | The mintToken function of a smart contract implementation for Trust Zen Token (ZEN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Oct 7, 2019 |
CVE-2018-13175 | The mintToken function of a smart contract implementation for AIChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13174 | The mintToken function of a smart contract implementation for CryptoABS (ABS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13173 | The mintToken function of a smart contract implementation for EliteShipperToken (ESHIP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13172 | The mintToken function of a smart contract implementation for bzxcoin (BZX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13171 | The mintToken function of a smart contract implementation for LadaToken (LDT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13170 | The mintToken function of a smart contract implementation for Snoqualmie Coin (SNOW), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Oct 7, 2019 |
CVE-2018-13169 | The mintToken function of a smart contract implementation for Ethereum Cash Pro (ECP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Oct 7, 2019 |
CVE-2018-13168 | The mintToken function of a smart contract implementation for Yu Gi Oh (YGO) (Contract Name: NetkillerBatchToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13167 | The mintToken function of a smart contract implementation for Yu Gi Oh (YGO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13166 | The mintToken function of a smart contract implementation for AthletiCoin (ATHA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13165 | The mintToken function of a smart contract implementation for JustDCoin (JustD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13164 | The mintToken function of a smart contract implementation for EPPCOIN (EPP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13163 | The mintToken function of a smart contract implementation for Ethernet Cash (ENC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13162 | The mintToken function of a smart contract implementation for ALEX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13161 | The mintToken function of a smart contract implementation for MultiGames (MLT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13160 | The mintToken function of a smart contract implementation for etktokens (ETK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13159 | The mintToken function of a smart contract implementation for bankcoin (BNK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13158 | The mintToken function of a smart contract implementation for AssetToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13157 | The mintToken function of a smart contract implementation for CryptonitexCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13156 | The mintToken function of a smart contract implementation for bonusToken (BNS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13155 | The mintToken function of a smart contract implementation for GEMCHAIN (GEM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | MEDIUM | Jul 4, 2018 |
CVE-2018-13153 | In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. | MEDIUM | Jul 10, 2018 |
CVE-2018-13146 | The mintToken, buy, and sell functions of a smart contract implementation for LEF, an Ethereum token, have an integer overflow. | MEDIUM | Jul 4, 2018 |
CVE-2018-13145 | The mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow. | MEDIUM | Jul 4, 2018 |
CVE-2018-13144 | ** DISPUTED ** The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party. | MEDIUM | Jul 4, 2018 |
CVE-2018-13140 | Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages. | HIGH | Sep 24, 2018 |
CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | MEDIUM | Jul 4, 2018 |
CVE-2018-13137 | The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI. | LOW | Apr 15, 2019 |
CVE-2018-13136 | The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for WordPress has XSS via the wp-admin settings screen. | MEDIUM | Jul 4, 2018 |
CVE-2018-13134 | TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI. | MEDIUM | Jul 4, 2018 |
CVE-2018-13133 | Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows. | MEDIUM | Jul 4, 2018 |
CVE-2018-13132 | Spadeico is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13131 | SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13130 | Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13129 | SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13128 | Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13127 | SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13126 | MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | MEDIUM | Jul 3, 2018 |
CVE-2018-13123 | onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file. | MEDIUM | Jul 3, 2018 |
CVE-2018-13122 | onefilecms.php in OneFileCMS through2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI. | MEDIUM | Oct 3, 2019 |
CVE-2018-13121 | RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file. | MEDIUM | Jul 3, 2018 |
CVE-2018-13116 | /user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table. | HIGH | Jul 3, 2018 |
CVE-2018-13115 | Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user. | MEDIUM | Oct 22, 2018 |
CVE-2018-13114 | Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the ssid value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command. | HIGH | Oct 22, 2018 |
CVE-2018-13113 | ** DISPUTED ** The transfer and transferFrom functions of a smart contract implementation for Easy Trading Token (ETT), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party. | MEDIUM | Jul 3, 2018 |
CVE-2018-13112 | get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. | MEDIUM | Jul 3, 2018 |
CVE-2018-13111 | There exists a partial Denial of Service vulnerability in Wanscam HW0021 IP Cameras. An attacker could craft a malicious POST request to crash the ONVIF service on such a device. | MEDIUM | Sep 21, 2018 |
CVE-2018-13110 | All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks. | HIGH | Jul 7, 2018 |