Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-12 CVE-2017-14709 Improper Certificate Validation vulnerability in Komoot
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
high complexity
komoot CWE-295
7.4
2018-07-12 CVE-2018-14006 Integer Overflow or Wraparound vulnerability in Ngtoken Project Ngtoken
An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract.
network
low complexity
ngtoken-project CWE-190
7.5
2018-07-12 CVE-2018-14005 Integer Overflow or Wraparound vulnerability in Malaysiancoin Project Malaysiancoin
An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract.
network
low complexity
malaysiancoin-project CWE-190
7.5
2018-07-12 CVE-2018-14004 Integer Overflow or Wraparound vulnerability in Globecoin Project Globecoin
An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract.
network
low complexity
globecoin-project CWE-190
7.5
2018-07-12 CVE-2018-14003 Integer Overflow or Wraparound vulnerability in Wmctoken Project Wmctoken
An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract.
network
low complexity
wmctoken-project CWE-190
7.5
2018-07-12 CVE-2018-14002 Integer Overflow or Wraparound vulnerability in MP3 Coin Project MP3 Coin
An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract.
network
low complexity
mp3-coin-project CWE-190
7.5
2018-07-12 CVE-2018-14001 Integer Overflow or Wraparound vulnerability in Sharktech Project Sharktech
An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract.
network
low complexity
sharktech-project CWE-190
7.5
2018-07-12 CVE-2018-13836 Integer Overflow or Wraparound vulnerability in Rocket Coin Project Rocket Coin
An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract.
network
low complexity
rocket-coin-project CWE-190
7.5
2018-07-12 CVE-2018-12540 Cross-Site Request Forgery (CSRF) vulnerability in Eclipse Vert.X
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter.
network
low complexity
eclipse CWE-352
8.8
2018-07-12 CVE-2017-18155 Improper Input Validation vulnerability in Qualcomm products
While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.
local
low complexity
qualcomm CWE-20
7.8