Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-04 CVE-2018-13129 Integer Overflow or Wraparound vulnerability in Sp8De
SP8DE Token (SPX) is a smart contract running on Ethereum.
network
low complexity
sp8de CWE-190
7.5
7.5
2018-07-04 CVE-2018-13128 Integer Overflow or Wraparound vulnerability in Etherty Token
Etherty Token (ETY) is a smart contract running on Ethereum.
network
low complexity
etherty CWE-190
7.5
7.5
2018-07-04 CVE-2018-13127 Integer Overflow or Wraparound vulnerability in Sp8De Presale Token
SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum.
network
low complexity
sp8de CWE-190
7.5
7.5
2018-07-04 CVE-2018-13126 Integer Overflow or Wraparound vulnerability in Moxy Moxyonepresale
MoxyOnePresale is a smart contract running on Ethereum.
network
low complexity
moxy CWE-190
7.5
7.5
2018-07-04 CVE-2018-11429 Integer Overflow or Wraparound vulnerability in Atlant
ATLANT (ATL) is a smart contract running on Ethereum.
network
low complexity
atlant CWE-190
7.5
7.5
2018-07-04 CVE-2018-11335 Integer Overflow or Wraparound vulnerability in Genesis Vision Gvtoken
GVToken Genesis Vision (GVT) is a smart contract running on Ethereum.
network
low complexity
genesis-vision CWE-190
7.5
7.5
2018-07-03 CVE-2018-3754 SQL Injection vulnerability in Query-Mysql Project Query-Mysql 0.0.0/0.0.1/0.0.2
Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization.
network
low complexity
query-mysql-project CWE-89
8.8
8.8
2018-07-03 CVE-2017-0929 Server-Side Request Forgery (SSRF) vulnerability in Dnnsoftware Dotnetnuke
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class.
network
low complexity
dnnsoftware CWE-918
7.5
7.5
2018-07-03 CVE-2017-0921 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gitlab
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised.
network
high complexity
gitlab CWE-640
8.1
8.1
2018-07-03 CVE-2017-0919 Missing Authentication for Critical Function vulnerability in Gitlab
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized.
network
low complexity
gitlab CWE-306
7.5
7.5