Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-25 CVE-2018-12070 Integer Overflow or Wraparound vulnerability in SEC Project SEC
The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
network
low complexity
sec-project CWE-190
7.5
2018-06-25 CVE-2018-12068 Integer Overflow or Wraparound vulnerability in Tgtcoins Target Coin
The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
network
low complexity
tgtcoins CWE-190
7.5
2018-06-25 CVE-2018-12067 Integer Overflow or Wraparound vulnerability in Substratum
The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
network
low complexity
substratum CWE-190
7.5
2018-06-25 CVE-2018-12063 Integer Overflow or Wraparound vulnerability in Intchain Node Token
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
network
low complexity
intchain CWE-190
7.5
2018-06-25 CVE-2018-12062 Integer Overflow or Wraparound vulnerability in Swft Swftcoin
The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
network
low complexity
swft CWE-190
7.5
2018-06-25 CVE-2018-11446 Integer Overflow or Wraparound vulnerability in Gold Reward Project Gold Reward
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tradeTrap" issue.
network
low complexity
gold-reward-project CWE-190
7.5
2018-06-25 CVE-2018-12703 Improper Input Validation vulnerability in Block18
The approveAndCallcode function of a smart contract implementation for Block 18 (18T), a tradable Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances into their account) because the callcode (i.e., _spender.call(_extraData)) is not verified, aka the "evilReflex" issue.
network
low complexity
block18 CWE-20
7.5
2018-06-25 CVE-2018-12702 Improper Input Validation vulnerability in GVE Globalvillage Ecosystem
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem (GVE), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances into their account) because the callcode (i.e., _spender.call(_extraData)) is not verified, aka the "evilReflex" issue.
network
low complexity
gve CWE-20
7.5
2018-06-23 CVE-2018-12698 demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call.
network
low complexity
gnu canonical
7.5
2018-06-23 CVE-2018-12697 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.
network
low complexity
gnu canonical CWE-476
7.5