Weekly Vulnerabilities Reports > July 9 to 15, 2018
Overview
748 new vulnerabilities reported during this period, including 93 critical vulnerabilities and 529 high severity vulnerabilities. This weekly summary report vulnerabilities in 1054 products from 480 vendors including Adobe, Microsoft, IBM, Juniper, and Intel. Vulnerabilities are notably categorized as "Integer Overflow or Wraparound", "Out-of-bounds Read", "Out-of-bounds Write", "Cross-site Scripting", and "Information Exposure".
- 646 reported vulnerabilities are remotely exploitables.
- 48 reported vulnerabilities have public exploit available.
- 94 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 637 reported vulnerabilities are exploitable by an anonymous user.
- Adobe has the most reported vulnerabilities, with 55 reported vulnerabilities.
- Adobe has the most reported critical vulnerabilities, with 18 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
93 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-07-15 | CVE-2018-14066 | SQL Injection vulnerability in Google Android 6.0/7.0 The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. | 9.8 | |
2018-07-15 | CVE-2018-14065 | Phpoffice Project | XXE vulnerability in PHPoffice Project Common XMLReader.php in PHPOffice Common before 0.2.9 allows XXE. | 9.8 |
2018-07-15 | CVE-2018-14064 | Velotismart Project | Path Traversal vulnerability in Velotismart Project Velotismart Wifi Firmware B380 The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. | 9.8 |
2018-07-15 | CVE-2018-14063 | Tracto | Integer Overflow or Wraparound vulnerability in Tracto The increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow. | 9.8 |
2018-07-15 | CVE-2018-14060 | MI | OS Command Injection vulnerability in MI Xiaomi R3D Firmware OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. | 9.8 |
2018-07-15 | CVE-2018-14010 | MI | OS Command Injection vulnerability in MI products OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. | 9.8 |
2018-07-13 | CVE-2016-9498 | Zohocorp | Deserialization of Untrusted Data vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0 ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. | 9.8 |
2018-07-13 | CVE-2016-9492 | Jqueryform | Unrestricted Upload of File with Dangerous Type vulnerability in Jqueryform PHP Formmail Generator 20161206 The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. | 9.8 |
2018-07-13 | CVE-2016-9483 | Jqueryform | Deserialization of Untrusted Data vulnerability in Jqueryform PHP Formmail Generator The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmg_filman_download() function. | 9.8 |
2018-07-13 | CVE-2016-9482 | Jqueryform | Improper Authentication vulnerability in Jqueryform PHP Formmail Generator Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel | 9.8 |
2018-07-13 | CVE-2016-6567 | Shdesigns | Improper Input Validation vulnerability in Shdesigns Resident Download Manager SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. | 9.8 |
2018-07-13 | CVE-2016-6566 | Sungardas | SQL Injection vulnerability in Sungardas Etrakit3 3.2.1.17 The valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated. | 9.8 |
2018-07-13 | CVE-2016-6563 | Dlink | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink products Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. | 9.8 |
2018-07-13 | CVE-2016-6559 | Freebsd | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. | 9.8 |
2018-07-13 | CVE-2016-6558 | Asus | Command Injection vulnerability in Asus products A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. | 9.8 |
2018-07-13 | CVE-2016-6554 | Synology | Credentials Management vulnerability in Synology Ds107 Firmware and Ds213 Firmware Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . | 9.8 |
2018-07-13 | CVE-2016-6553 | Nuuo | Credentials Management vulnerability in Nuuo Nt-4040 Titan Firmware Nt404001.07.0000.00151120 Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. | 9.8 |
2018-07-13 | CVE-2016-6552 | Greenpacket | Credentials Management vulnerability in Greenpacket Dx-350 Firmware Green Packet DX-350 uses non-random default credentials of: root:wimax. | 9.8 |
2018-07-13 | CVE-2016-6551 | Intelliantech | Credentials Management vulnerability in Intelliantech products Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp or intellian:12345678. | 9.8 |
2018-07-13 | CVE-2016-6548 | Nutspace | Information Exposure vulnerability in Nutspace NUT Mobile The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. | 9.8 |
2018-07-13 | CVE-2016-6545 | Ieasytec | Session Fixation vulnerability in Ieasytec Itrackeasy Session cookies are not used for maintaining valid sessions in iTrack Easy. | 9.8 |
2018-07-13 | CVE-2018-8847 | Eaton | Out-of-bounds Write vulnerability in Eaton 9000X Firmware 2.0.29 Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution. | 9.8 |
2018-07-13 | CVE-2018-14054 | Techsmith | Double Free vulnerability in Techsmith Mp4V2 2.0.0 A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. | 9.8 |
2018-07-13 | CVE-2018-14043 | Monetra | Incorrect Permission Assignment for Critical Resource vulnerability in Monetra Mstdlib 1.2.0 mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations where M_fs_perms_can_access attempts to delete an existing file (that lacks public read/write access) during a copy operation, related to fs/m_fs.c and fs/m_fs_path.c. | 9.8 |
2018-07-12 | CVE-2018-14012 | Wolfsight | SQL Injection vulnerability in Wolfsight CMS 3.2 WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI. | 9.8 |
2018-07-12 | CVE-2018-14009 | Codiad | Improper Input Validation vulnerability in Codiad Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. | 9.8 |
2018-07-12 | CVE-2018-12463 | HP | XXE vulnerability in HP Fortify Software Security Center 17.1/17.2/18.1 An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 9.8 |
2018-07-12 | CVE-2018-13996 | Codeplea | Out-of-bounds Read vulnerability in Codeplea Genann 20180708 Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. | 9.8 |
2018-07-11 | CVE-2018-0042 | Juniper | Information Exposure Through Log Files vulnerability in Juniper Contrail Service Orchestration Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability. | 9.8 |
2018-07-11 | CVE-2018-0041 | Juniper | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. | 9.8 |
2018-07-11 | CVE-2018-0040 | Juniper | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services. | 9.8 |
2018-07-11 | CVE-2018-0039 | Juniper | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. | 9.8 |
2018-07-11 | CVE-2018-0038 | Juniper | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. | 9.8 |
2018-07-11 | CVE-2018-0037 | Juniper | Improper Input Validation vulnerability in Juniper Junos 15.1 Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code execution while processing specific BGP NOTIFICATION messages. | 9.8 |
2018-07-11 | CVE-2018-0035 | Juniper | Unspecified vulnerability in Juniper Junos 15.1X53 QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition. | 9.8 |
2018-07-11 | CVE-2018-10635 | Universal Robots | Missing Authentication for Critical Function vulnerability in Universal-Robots Cb3.1 Firmware 3.4.5100 In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. | 9.8 |
2018-07-11 | CVE-2018-10633 | Universal Robots | Use of Hard-coded Credentials vulnerability in Universal-Robots Cb3.1 Firmware 3.4.5100 Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller. | 9.8 |
2018-07-11 | CVE-2018-10197 | ELO | SQL Injection vulnerability in ELO Access Manager 10.17.120/9.17.120 There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. | 9.8 |
2018-07-11 | CVE-2018-0500 | Haxx Canonical | Out-of-bounds Write vulnerability in multiple products Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value). | 9.8 |
2018-07-11 | CVE-2017-7467 | Minicom Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Minicom Project Minicom A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences. | 9.8 |
2018-07-11 | CVE-2018-8327 | Microsoft | Unspecified vulnerability in Microsoft Powershell Editor Services and Powershell Extension A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension. | 9.8 |
2018-07-11 | CVE-2018-8319 | Microsoft | Incorrect Calculation vulnerability in Microsoft Research Javascript Cryptography Library 1.4 A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library. | 9.8 |
2018-07-10 | CVE-2018-13876 | Hdfgroup | Out-of-bounds Write vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13874 | Hdfgroup | Out-of-bounds Write vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13873 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13872 | Hdfgroup | Out-of-bounds Write vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13871 | Hdfgroup | Out-of-bounds Write vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13870 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13869 | Hdfgroup | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13868 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13867 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13866 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 9.8 |
2018-07-10 | CVE-2018-13850 | Icanstudioz | SQL Injection vulnerability in Icanstudioz Firebase Push Notification on IOS / FCM + Advance Admin Panel 20171026 The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter. | 9.8 |
2018-07-10 | CVE-2018-13846 | Axiosys | Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624 An issue has been found in Bento4 1.5.1-624. | 9.8 |
2018-07-10 | CVE-2018-13845 | Htslib | Out-of-bounds Read vulnerability in Htslib 1.8 An issue has been found in HTSlib 1.8. | 9.8 |
2018-07-10 | CVE-2018-5553 | Crestron | OS Command Injection vulnerability in Crestron products The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access. | 9.8 |
2018-07-10 | CVE-2018-9853 | Freesshd | Improper Privilege Management vulnerability in Freesshd 1.3.1 Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server. | 9.8 |
2018-07-10 | CVE-2018-13818 | Symfony | Code Injection vulnerability in Symfony Twig Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. | 9.8 |
2018-07-10 | CVE-2018-1337 | Apache | Information Exposure vulnerability in Apache Directory Ldap API 1.0.0 In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request). | 9.8 |
2018-07-10 | CVE-2018-13797 | Node Macaddress Project | OS Command Injection vulnerability in Node-Macaddress Project Node-Macaddress The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call. | 9.8 |
2018-07-09 | CVE-2018-13794 | Catimg Project | Out-of-bounds Write vulnerability in Catimg Project Catimg A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0. | 9.8 |
2018-07-09 | CVE-2018-13791 | Abbyy | Incorrect Permission Assignment for Critical Resource vulnerability in Abbyy Flexicapture The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter. | 9.8 |
2018-07-09 | CVE-2018-1000620 | Cryptiles Project | Insufficient Entropy vulnerability in Cryptiles Project Cryptiles 4.1.1 Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insufficient Entropy vulnerability in randomDigits() method that can result in An attacker is more likely to be able to brute force something that was supposed to be random.. | 9.8 |
2018-07-09 | CVE-2018-1000618 | Eosio Project | Uncontrolled Recursion vulnerability in Eosio Project EOS EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. | 9.8 |
2018-07-09 | CVE-2018-1000616 | Onosproject | XXE vulnerability in Onosproject Onos ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml() that can result in An adversary can remotely launch XXE attacks on ONOS controller via an OpenConfig Terminal Device.. | 9.8 |
2018-07-09 | CVE-2018-1000614 | Onosproject | XXE vulnerability in Onosproject Onos ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller without authentication.. | 9.8 |
2018-07-09 | CVE-2018-1000613 | Bouncycastle Netapp Opensuse Oracle | Unsafe Reflection vulnerability in multiple products Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. | 9.8 |
2018-07-09 | CVE-2018-5002 | Adobe Redhat | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4996 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4995 | Adobe | Injection vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an XFA '\n' POST injection vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4989 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4988 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4987 | Adobe | NULL Pointer Dereference vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4984 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4983 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4978 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4977 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4968 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4966 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4961 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4959 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4958 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4950 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds write vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4948 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2018-4947 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 9.8 |
2018-07-09 | CVE-2017-3198 | Gigabyte | Missing Encryption of Sensitive Data vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. | 9.8 |
2018-07-09 | CVE-2017-3197 | Gigabyte | Improper Input Validation vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. | 9.8 |
2018-07-09 | CVE-2013-3000 | IBM | SQL Injection vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7 SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2018-07-09 | CVE-2018-11542 | Ribboncommunications | Unspecified vulnerability in Ribboncommunications products A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the execution of arbitrary commands via an unspecified vector. | 9.8 |
2018-07-09 | CVE-2018-11541 | Ribboncommunications | Missing Authorization vulnerability in Ribboncommunications products A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows unauthorised access to privileged content via an unspecified vector. | 9.8 |
2018-07-10 | CVE-2018-2437 | SAP | Unspecified vulnerability in SAP Internet Graphics Server The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification. | 9.1 |
2018-07-09 | CVE-2018-13784 | Prestashop | Unspecified vulnerability in Prestashop PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. | 9.1 |
2018-07-09 | CVE-2017-7471 | Qemu | Incorrect Permission Assignment for Critical Resource vulnerability in Qemu Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. | 9.0 |
529 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-07-15 | CVE-2018-14069 | Srcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1 An issue was discovered in SRCMS V2.3.1. | 8.8 |
2018-07-15 | CVE-2018-14068 | Srcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1 An issue was discovered in SRCMS V2.3.1. | 8.8 |
2018-07-13 | CVE-2016-9497 | Hughes | Improper Authentication vulnerability in Hughes products Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. | 8.8 |
2018-07-13 | CVE-2016-9495 | Hughes | Use of Hard-coded Credentials vulnerability in Hughes products Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. | 8.8 |
2018-07-13 | CVE-2016-9489 | Zohocorp | Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0 In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. | 8.8 |
2018-07-13 | CVE-2016-6578 | Filecloud | Cross-Site Request Forgery (CSRF) vulnerability in Filecloud CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability. | 8.8 |
2018-07-13 | CVE-2016-6557 | Asus | Cross-Site Request Forgery (CSRF) vulnerability in Asus products In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. | 8.8 |
2018-07-13 | CVE-2018-1000209 | Sensu | Incorrect Permission Assignment for Critical Resource vulnerability in Sensu Core Sensu, Inc. | 8.8 |
2018-07-13 | CVE-2018-1000206 | Jfrog | Cross-Site Request Forgery (CSRF) vulnerability in Jfrog Artifactory JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. | 8.8 |
2018-07-13 | CVE-2018-1245 | EMC | Incorrect Authorization vulnerability in EMC RSA Identity Governance and Lifecycle 7.0.1/7.0.2/7.1.0 RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). | 8.8 |
2018-07-13 | CVE-2018-10018 | Gdata Software | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gdata-Software Total Security 25.4.0.3 The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. | 8.8 |
2018-07-13 | CVE-2018-14046 | Exiv2 | Out-of-bounds Read vulnerability in Exiv2 0.26 Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | 8.8 |
2018-07-13 | CVE-2018-14035 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 8.8 |
2018-07-13 | CVE-2018-14034 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 8.8 |
2018-07-13 | CVE-2018-14033 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 8.8 |
2018-07-13 | CVE-2018-14031 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 8.8 |
2018-07-13 | CVE-2018-14029 | Creatiwity | Cross-Site Request Forgery (CSRF) vulnerability in Creatiwity Witycms 0.6.2 CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field. | 8.8 |
2018-07-12 | CVE-2018-14014 | Super CMS Project | Cross-Site Request Forgery (CSRF) vulnerability in Super CMS Project Super CMS 20150505 In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd. | 8.8 |
2018-07-12 | CVE-2018-12980 | Wago | Unrestricted Upload of File with Dangerous Type vulnerability in Wago products An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. | 8.8 |
2018-07-12 | CVE-2018-12540 | Eclipse | Cross-Site Request Forgery (CSRF) vulnerability in Eclipse Vert.X In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. | 8.8 |
2018-07-12 | CVE-2018-10895 | Qutebrowser | Cross-Site Request Forgery (CSRF) vulnerability in Qutebrowser qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. | 8.8 |
2018-07-11 | CVE-2018-13989 | Arcelikas | Cross-Site Request Forgery (CSRF) vulnerability in Arcelikas Grundig Smart Inter@Ctive Firmware 3.0 Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device. | 8.8 |
2018-07-11 | CVE-2018-8311 | Microsoft | Improper Input Validation vulnerability in Microsoft Lync and Skype for Business A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync. | 8.8 |
2018-07-11 | CVE-2018-8300 | Microsoft | Improper Input Validation vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka "Microsoft SharePoint Remote Code Execution Vulnerability." This affects Microsoft SharePoint. | 8.8 |
2018-07-11 | CVE-2018-8260 | Microsoft | Improper Input Validation vulnerability in Microsoft .Net Framework 4.7.2 A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2. | 8.8 |
2018-07-10 | CVE-2018-3628 | Intel | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Active Management Technology Firmware Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. | 8.8 |
2018-07-10 | CVE-2018-2436 | SAP | Missing Authorization vulnerability in SAP R/3 Enterprise Retail Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 8.8 |
2018-07-10 | CVE-2018-2427 | SAP | Code Injection vulnerability in SAP products SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. | 8.8 |
2018-07-10 | CVE-2018-1331 | Apache | Unspecified vulnerability in Apache Storm In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user. | 8.8 |
2018-07-09 | CVE-2018-13793 | Abbyy | Cross-Site Request Forgery (CSRF) vulnerability in Abbyy Flexicapture Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login. | 8.8 |
2018-07-09 | CVE-2018-1000619 | Ovidentia | Unrestricted Upload of File with Dangerous Type vulnerability in Ovidentia Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. | 8.8 |
2018-07-09 | CVE-2018-4998 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have a Memory corruption vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4997 | Adobe | Out-of-bounds Write vulnerability in Adobe products Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds write vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4990 | Adobe | Double Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4982 | Adobe | Out-of-bounds Write vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4980 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4974 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4971 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4954 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4953 | Adobe | Incorrect Type Conversion or Cast vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Type Confusion vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4952 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4946 | Adobe | Out-of-bounds Write vulnerability in Adobe Photoshop CC Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability. | 8.8 |
2018-07-09 | CVE-2018-4945 | Adobe Redhat | Incorrect Type Conversion or Cast vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. | 8.8 |
2018-07-09 | CVE-2018-12977 | Softexpert | SQL Injection vulnerability in Softexpert Excellence Suite 2.0 A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section. | 8.8 |
2018-07-10 | CVE-2018-3682 | Intel | Improper Privilege Management vulnerability in Intel BMC Firmware BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. | 8.2 |
2018-07-10 | CVE-2018-3627 | Intel Netapp | Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. | 8.2 |
2018-07-13 | CVE-2016-6564 | Infinixauthority Bluproducts Xolo Beeline IKU Mobile Leagoo Doogee | Permissions, Privileges, and Access Controls vulnerability in multiple products Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. | 8.1 |
2018-07-11 | CVE-2018-0025 | Juniper | Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. | 8.1 |
2018-07-11 | CVE-2018-8284 | Microsoft | Code Injection vulnerability in Microsoft products A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | 8.1 |
2018-07-10 | CVE-2018-10887 | Libgit2 Debian | Incorrect Conversion between Numeric Types vulnerability in multiple products A flaw was found in libgit2 before version 0.27.3. | 8.1 |
2018-07-10 | CVE-2018-10861 | Ceph Redhat Opensuse Debian | Improper Authentication vulnerability in multiple products A flaw was found in the way ceph mon handles user requests. | 8.1 |
2018-07-09 | CVE-2018-6967 | Vmware | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. | 8.1 |
2018-07-09 | CVE-2018-6966 | Vmware | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. | 8.1 |
2018-07-09 | CVE-2018-6965 | Vmware | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. | 8.1 |
2018-07-09 | CVE-2018-1000621 | Mycroft | Incorrect Permission Assignment for Critical Resource vulnerability in Mycroft Mycroft-Core Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution. | 8.1 |
2018-07-11 | CVE-2018-11529 | Debian Videolan | Use After Free vulnerability in multiple products VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. | 8.0 |
2018-07-13 | CVE-2018-10875 | Redhat Debian Suse Canonical | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 7.8 |
2018-07-13 | CVE-2017-13097 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. | 7.8 | |
2018-07-13 | CVE-2017-13096 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. | 7.8 | |
2018-07-13 | CVE-2017-13095 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. | 7.8 | |
2018-07-13 | CVE-2017-13094 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. | 7.8 | |
2018-07-13 | CVE-2017-13093 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. | 7.8 | |
2018-07-13 | CVE-2017-13092 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. | 7.8 | |
2018-07-13 | CVE-2017-13091 | Cryptographic Issues vulnerability in - The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. | 7.8 | |
2018-07-13 | CVE-2016-9487 | W3 | XXE vulnerability in W3 Epubcheck 4.0.1 EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. | 7.8 |
2018-07-13 | CVE-2016-9486 | Forescout | Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. | 7.8 |
2018-07-13 | CVE-2016-9485 | Forescout | Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. | 7.8 |
2018-07-13 | CVE-2016-6547 | Nutspace | Information Exposure vulnerability in Nutspace NUT Mobile The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. | 7.8 |
2018-07-13 | CVE-2016-6546 | Kkmcn | Information Exposure vulnerability in Kkmcn Itrackeasy The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. | 7.8 |
2018-07-13 | CVE-2018-1000210 | Yamldotnet Project | Authorization Bypass Through User-Controlled Key vulnerability in Yamldotnet Project Yamldotnet YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them. | 7.8 |
2018-07-13 | CVE-2018-7535 | Totalav | Incorrect Default Permissions vulnerability in Totalav 4.1.7/4.6.19 An issue was discovered in TotalAV v4.1.7. | 7.8 |
2018-07-12 | CVE-2018-5529 | F5 | Unspecified vulnerability in F5 Big-Ip Access Policy Manager and Big-Ip Edge The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. | 7.8 |
2018-07-12 | CVE-2017-18155 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault. | 7.8 |
2018-07-11 | CVE-2018-0024 | Juniper | Improper Privilege Management vulnerability in Juniper Junos An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. | 7.8 |
2018-07-11 | CVE-2018-3936 | Antennahouse | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. | 7.8 |
2018-07-11 | CVE-2018-3933 | Antennahouse | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). | 7.8 |
2018-07-11 | CVE-2018-3932 | Antennahouse | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). | 7.8 |
2018-07-11 | CVE-2018-3931 | Antennahouse | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. | 7.8 |
2018-07-11 | CVE-2018-3930 | Antennahouse | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. | 7.8 |
2018-07-11 | CVE-2018-3929 | Antennahouse | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). | 7.8 |
2018-07-11 | CVE-2013-2951 | IBM | Credentials Management vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. | 7.8 |
2018-07-11 | CVE-2018-8313 | Microsoft | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. | 7.8 |
2018-07-11 | CVE-2018-8312 | Microsoft | Unspecified vulnerability in Microsoft Access and Office A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka "Microsoft Access Remote Code Execution Vulnerability." This affects Microsoft Access, Microsoft Office. | 7.8 |
2018-07-11 | CVE-2018-8282 | Microsoft | Improper Resource Shutdown or Release vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 7.8 |
2018-07-11 | CVE-2018-8281 | Microsoft | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer. | 7.8 |
2018-07-11 | CVE-2018-8238 | Microsoft | Unspecified vulnerability in Microsoft Lync and Skype for Business A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync. | 7.8 |
2018-07-11 | CVE-2018-8232 | Microsoft | Improper Input Validation vulnerability in Microsoft Visual Studio 2017 15.7.5/15.8 A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka "Microsoft Macro Assembler Tampering Vulnerability." This affects Microsoft Visual Studio. | 7.8 |
2018-07-11 | CVE-2018-8202 | Microsoft | Unspecified vulnerability in Microsoft .Net Framework An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | 7.8 |
2018-07-11 | CVE-2018-8172 | Microsoft | Unspecified vulnerability in Microsoft Expression Blend, Visual Studio and Visual Studio 2017 A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4. | 7.8 |
2018-07-10 | CVE-2018-3688 | Intel | Unquoted Search Path or Element vulnerability in Intel Quartus Prime Programmer and Tools 15.1/18.0 Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | 7.8 |
2018-07-10 | CVE-2018-3687 | Intel | Unquoted Search Path or Element vulnerability in Intel Quartus II Programmer and Tools 11.0/15.0 Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | 7.8 |
2018-07-10 | CVE-2018-3684 | Intel | Unquoted Search Path or Element vulnerability in Intel Quartus II 11.0/15.0 Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | 7.8 |
2018-07-10 | CVE-2018-3683 | Intel | Unquoted Search Path or Element vulnerability in Intel Quartus Prime Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | 7.8 |
2018-07-10 | CVE-2018-3668 | Intel | Unquoted Search Path or Element vulnerability in Intel Processor Diagnostic Tool 4.1.0.24 Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. | 7.8 |
2018-07-10 | CVE-2018-3667 | Intel | Insecure Default Initialization of Resource vulnerability in Intel Processor Diagnostic Tool 4.1.0.24 Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation. | 7.8 |
2018-07-10 | CVE-2018-13875 | Hdfgroup | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20 An issue was discovered in the HDF HDF5 1.8.20 library. | 7.8 |
2018-07-10 | CVE-2018-1566 | IBM | Use of Externally-Controlled Format String vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. | 7.8 |
2018-07-10 | CVE-2018-1487 | IBM | Untrusted Search Path vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. | 7.8 |
2018-07-10 | CVE-2018-1458 | IBM | Untrusted Search Path vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks. | 7.8 |
2018-07-10 | CVE-2018-13833 | Cmft Project | Out-of-bounds Write vulnerability in Cmft Project Cmft 20170924 An issue was discovered in cmft through 2017-09-24. | 7.8 |
2018-07-09 | CVE-2018-1000622 | Rust Lang | Uncontrolled Search Path Element vulnerability in Rust-Lang Rust The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. | 7.8 |
2018-07-09 | CVE-2018-4858 | Siemens | Unspecified vulnerability in Siemens products A vulnerability has been identified in IEC 61850 system configurator (All versions < V5.80), DIGSI 5 (affected as IEC 61850 system configurator is incorporated) (All versions < V7.80), DIGSI 4 (All versions < V4.93), SICAM PAS/PQS (All versions < V8.11), SICAM PQ Analyzer (All versions < V3.11), SICAM SCC (All versions < V9.02 HF3). | 7.8 |
2018-07-09 | CVE-2018-6857 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. | 7.8 |
2018-07-09 | CVE-2018-6856 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. | 7.8 |
2018-07-09 | CVE-2018-6855 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202014. | 7.8 |
2018-07-09 | CVE-2018-6854 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs, e.g., 0x8810200B, 0x8810200F, 0x8810201B, 0x8810201F, 0x8810202B, 0x8810202F, 0x8810203F, 0x8810204B, 0x88102003, 0x88102007, 0x88102013, 0x88102017, 0x88102027, 0x88102033, 0x88102037, 0x88102043, and 0x88102047. | 7.8 |
2018-07-09 | CVE-2018-6853 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. | 7.8 |
2018-07-09 | CVE-2018-6852 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. | 7.8 |
2018-07-09 | CVE-2018-6851 | Sophos | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos products Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. | 7.8 |
2018-07-09 | CVE-2018-1000404 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins AWS Codebuild Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in Credentials Disclosure. | 7.8 |
2018-07-09 | CVE-2018-1000403 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins AWS Codedeploy Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disclosure. | 7.8 |
2018-07-09 | CVE-2018-1000401 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins AWS Codepipeline Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodePipelineSCM.java that can result in Credentials Disclosure. | 7.8 |
2018-07-10 | CVE-2018-3652 | Intel | Information Exposure vulnerability in Intel products Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces. | 7.6 |
2018-07-15 | CVE-2018-14073 | Libsixel Project | Missing Release of Resource after Effective Lifetime vulnerability in Libsixel Project Libsixel 1.8.1 libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. | 7.5 |
2018-07-15 | CVE-2018-14072 | Libsixel Project | Missing Release of Resource after Effective Lifetime vulnerability in Libsixel Project Libsixel 1.8.1 libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. | 7.5 |
2018-07-13 | CVE-2016-9484 | Jqueryform | Path Traversal vulnerability in Jqueryform PHP Formmail Generator The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. | 7.5 |
2018-07-13 | CVE-2016-6565 | Imagely | Improper Input Validation vulnerability in Imagely Nextgen Gallery The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration). | 7.5 |
2018-07-13 | CVE-2016-6562 | Mitel | Improper Certificate Validation vulnerability in Mitel Shortel Mobility Client 9.1.3.109 On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such as login credentials. | 7.5 |
2018-07-13 | CVE-2016-6544 | Ieasytec | Improper Authentication vulnerability in Ieasytec Itrack Easy getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. | 7.5 |
2018-07-13 | CVE-2018-1000211 | Doorkeeper Project | Incorrect Permission Assignment for Critical Resource vulnerability in Doorkeeper Project Doorkeeper Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry. | 7.5 |
2018-07-13 | CVE-2018-1000208 | Modx | Path Traversal vulnerability in Modx Revolution MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. | 7.5 |
2018-07-13 | CVE-2018-9067 | Lenovo | Unspecified vulnerability in Lenovo Help The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI. | 7.5 |
2018-07-13 | CVE-2018-14051 | Libwav Project | Infinite Loop vulnerability in Libwav Project Libwav The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. | 7.5 |
2018-07-13 | CVE-2018-14045 | Surina | Reachable Assertion vulnerability in Surina Soundtouch 2.0.0 The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | 7.5 |
2018-07-13 | CVE-2018-14044 | Surina | Reachable Assertion vulnerability in Surina Soundtouch 2.0.0 The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | 7.5 |
2018-07-12 | CVE-2018-14006 | Ngtoken Project | Integer Overflow or Wraparound vulnerability in Ngtoken Project Ngtoken An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-14005 | Malaysiancoin Project | Integer Overflow or Wraparound vulnerability in Malaysiancoin Project Malaysiancoin An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-14004 | Globecoin Project | Integer Overflow or Wraparound vulnerability in Globecoin Project Globecoin An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-14003 | Wmctoken Project | Integer Overflow or Wraparound vulnerability in Wmctoken Project Wmctoken An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-14002 | MP3 Coin Project | Integer Overflow or Wraparound vulnerability in MP3 Coin Project MP3 Coin An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-14001 | Sharktech Project | Integer Overflow or Wraparound vulnerability in Sharktech Project Sharktech An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-13836 | Rocket Coin Project | Integer Overflow or Wraparound vulnerability in Rocket Coin Project Rocket Coin An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. | 7.5 |
2018-07-12 | CVE-2018-13997 | Codeplea | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Codeplea Genann 20180708 Genann through 2018-07-08 has a SEGV in genann_run in genann.c. | 7.5 |
2018-07-11 | CVE-2018-0032 | Juniper | Improper Input Validation vulnerability in Juniper Junos The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. | 7.5 |
2018-07-11 | CVE-2018-0030 | Juniper | Resource Exhaustion vulnerability in Juniper Junos Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. | 7.5 |
2018-07-11 | CVE-2018-0026 | Juniper | Unspecified vulnerability in Juniper Junos 15.1/15.1X8 After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. | 7.5 |
2018-07-11 | CVE-2013-2972 | IBM | Improper Access Control vulnerability in IBM Websphere Cast Iron Cloud Integration 6.0.0.0/6.1.0.0/6.3.0.0 IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. | 7.5 |
2018-07-11 | CVE-2013-0589 | IBM | Information Exposure vulnerability in IBM Inotes IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. | 7.5 |
2018-07-11 | CVE-2018-8310 | Microsoft | Unspecified vulnerability in Microsoft Office and Word A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office. | 7.5 |
2018-07-11 | CVE-2018-8301 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 7.5 |
2018-07-11 | CVE-2018-8298 | Microsoft | Type Confusion vulnerability in Microsoft Chakracore A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8296 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. | 7.5 |
2018-07-11 | CVE-2018-8294 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8291 | Microsoft | Type Confusion vulnerability in Microsoft Chakracore, Edge and Internet Explorer A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. | 7.5 |
2018-07-11 | CVE-2018-8290 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8288 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. | 7.5 |
2018-07-11 | CVE-2018-8287 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | 7.5 |
2018-07-11 | CVE-2018-8286 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8283 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8280 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8279 | Microsoft | Type Confusion vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8275 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
2018-07-11 | CVE-2018-8274 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 7.5 |
2018-07-11 | CVE-2018-8262 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 7.5 |
2018-07-11 | CVE-2018-8242 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | 7.5 |
2018-07-11 | CVE-2018-8206 | Microsoft | Unspecified vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 7.5 |
2018-07-11 | CVE-2018-8171 | Microsoft | Improper Authentication vulnerability in Microsoft products A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2. | 7.5 |
2018-07-11 | CVE-2018-8125 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 7.5 |
2018-07-10 | CVE-2018-13863 | Mongodb | Unspecified vulnerability in Mongodb Js-Bson The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. | 7.5 |
2018-07-10 | CVE-2018-2438 | SAP | Unspecified vulnerability in SAP Internet Graphics Server The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | 7.5 |
2018-07-10 | CVE-2018-2433 | SAP | Unspecified vulnerability in SAP Kernel SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | 7.5 |
2018-07-10 | CVE-2018-13848 | Axiosys | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624 An issue has been found in Bento4 1.5.1-624. | 7.5 |
2018-07-10 | CVE-2018-13847 | Axiosys | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624 An issue has been found in Bento4 1.5.1-624. | 7.5 |
2018-07-10 | CVE-2018-13844 | Htslib | Memory Leak vulnerability in Htslib 1.8 An issue has been found in HTSlib 1.8. | 7.5 |
2018-07-10 | CVE-2018-13843 | Htslib | Missing Release of Resource after Effective Lifetime vulnerability in Htslib 1.8 An issue has been found in HTSlib 1.8. | 7.5 |
2018-07-10 | CVE-2018-12461 | Netiq | Improper Certificate Validation vulnerability in Netiq Edirectory 9.1.1 Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation. | 7.5 |
2018-07-10 | CVE-2018-10943 | Barco | Improper Input Validation vulnerability in Barco products An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3. | 7.5 |
2018-07-10 | CVE-2018-1128 | Redhat Debian Opensuse | Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. | 7.5 |
2018-07-10 | CVE-2018-12230 | Remicoin Project | Integer Underflow (Wrap or Wraparound) vulnerability in Remicoin Project Remicoin An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks. | 7.5 |
2018-07-10 | CVE-2016-10726 | Duraspace | Path Traversal vulnerability in Duraspace Dspace The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI. | 7.5 |
2018-07-09 | CVE-2018-13795 | Creolabs | Improper Input Validation vulnerability in Creolabs Gravity Gravity before 0.5.1 does not support a maximum recursion depth. | 7.5 |
2018-07-09 | CVE-2018-1000617 | Atlassian | Improper Input Validation vulnerability in Atlassian Floodlight Controller Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwarding module allows remote attackers to cause a DoS(thread crash).. | 7.5 |
2018-07-09 | CVE-2018-1000615 | Onosproject | Unspecified vulnerability in Onosproject Onos ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. | 7.5 |
2018-07-09 | CVE-2018-4993 | Adobe | Information Exposure vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4986 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4985 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4981 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4976 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4975 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4973 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4970 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4969 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4967 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4965 | Adobe | Information Exposure vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Memory Corruption vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4964 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4963 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4962 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4960 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4957 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4956 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4955 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2018-4949 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 7.5 |
2018-07-09 | CVE-2013-3017 | IBM | Cryptographic Issues vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. | 7.5 |
2018-07-09 | CVE-2013-3001 | IBM | Path Traversal vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7 Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. | 7.5 |
2018-07-09 | CVE-2018-6832 | Foscam | Out-of-bounds Write vulnerability in Foscam products Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to cause a denial of service (crash and reboot), via the callbackJson parameter. | 7.5 |
2018-07-09 | CVE-2018-6830 | Foscam | Path Traversal vulnerability in Foscam products Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to delete arbitrary files via a .. | 7.5 |
2018-07-09 | CVE-2018-11543 | Ribboncommunications | Path Traversal vulnerability in Ribboncommunications products A Local File Inclusion (LFI) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the downloading of arbitrary files via an unspecified vector. | 7.5 |
2018-07-09 | CVE-2018-13783 | Jiucaitoken Project | Integer Overflow or Wraparound vulnerability in Jiucaitoken Project Jiucaitoken The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13782 | Entercoin Project | Integer Overflow or Wraparound vulnerability in Entercoin Project Entercoin The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13781 | Myylctoken Project | Integer Overflow or Wraparound vulnerability in Myylctoken Project Myylctoken The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13780 | ESH Project | Integer Overflow or Wraparound vulnerability in ESH Project ESH The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13779 | Ylctoken Project | Integer Overflow or Wraparound vulnerability in Ylctoken Project Ylctoken The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13778 | Cgctoken Project | Integer Overflow or Wraparound vulnerability in Cgctoken Project Cgctoken The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13777 | Rrtoken Project | Integer Overflow or Wraparound vulnerability in Rrtoken Project Rrtoken The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13776 | Appletoken Project | Integer Overflow or Wraparound vulnerability in Appletoken Project Appletoken The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13775 | Rckt Coin Project | Integer Overflow or Wraparound vulnerability in Rckt Coin Project Rckt Coin The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13774 | Bitstarti Project | Integer Overflow or Wraparound vulnerability in Bitstarti Project Bitstarti The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13773 | Netkillertoken Project | Integer Overflow or Wraparound vulnerability in Netkillertoken Project Netkillertoken The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13772 | Theflashtoken Project | Integer Overflow or Wraparound vulnerability in Theflashtoken Project Theflashtoken The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13771 | Exacorecontract Project | Integer Overflow or Wraparound vulnerability in Exacorecontract Project Exacorecontract The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13770 | Ultimatecoin Project | Integer Overflow or Wraparound vulnerability in Ultimatecoin Project Ultimatecoin The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13769 | Jeanstoken Project | Integer Overflow or Wraparound vulnerability in Jeanstoken Project Jeanstoken The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13768 | Ztoken Project | Integer Overflow or Wraparound vulnerability in Ztoken Project Ztoken The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13767 | Cornerstone Project | Integer Overflow or Wraparound vulnerability in Cornerstone Project Cornerstone The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13766 | Easticoin Project | Integer Overflow or Wraparound vulnerability in Easticoin Project Easticoin The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13765 | Landcoin Project | Integer Overflow or Wraparound vulnerability in Landcoin Project Landcoin The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13764 | Biqutoken Project | Integer Overflow or Wraparound vulnerability in Biqutoken Project Biqutoken The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13763 | Ublasti Project | Integer Overflow or Wraparound vulnerability in Ublasti Project Ublasti The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13762 | Yumerium Project | Integer Overflow or Wraparound vulnerability in Yumerium Project Yumerium The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13761 | Netkilleradvancedtokenairdrop Project | Integer Overflow or Wraparound vulnerability in Netkilleradvancedtokenairdrop Project Netkilleradvancedtokenairdrop The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13760 | Moneychainnettoken Project | Integer Overflow or Wraparound vulnerability in Moneychainnettoken Project Moneychainnettoken The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13759 | Bigcadvancedtoken Project | Integer Overflow or Wraparound vulnerability in Bigcadvancedtoken Project Bigcadvancedtoken The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13758 | Lolicoin Project | Integer Overflow or Wraparound vulnerability in Lolicoin Project Lolicoin The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13757 | Coinquer Project | Integer Overflow or Wraparound vulnerability in Coinquer Project Coinquer The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13756 | Cherrycoinfoundation Project | Integer Overflow or Wraparound vulnerability in Cherrycoinfoundation Project Cherrycoinfoundation The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13755 | Otakutoken Project | Integer Overflow or Wraparound vulnerability in Otakutoken Project Otakutoken The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13754 | Cryptosistoken Project | Integer Overflow or Wraparound vulnerability in Cryptosistoken Project Cryptosistoken The mintToken function of a smart contract implementation for CryptosisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13753 | Deweisecurityservicetoken Project | Integer Overflow or Wraparound vulnerability in Deweisecurityservicetoken Project Deweisecurityservicetoken The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13752 | Thread Project | Integer Overflow or Wraparound vulnerability in Thread Project Thread The mintToken function of a smart contract implementation for Thread, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13751 | Justwallet Project | Integer Overflow or Wraparound vulnerability in Justwallet Project Justwallet The mintToken function of a smart contract implementation for JustWallet, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13750 | Richiumtoken Project | Integer Overflow or Wraparound vulnerability in Richiumtoken Project Richiumtoken The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13749 | Finaltoken Project | Integer Overflow or Wraparound vulnerability in Finaltoken Project Finaltoken The mintToken function of a smart contract implementation for FinalToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13748 | Cartoken Project | Integer Overflow or Wraparound vulnerability in Cartoken Project Cartoken The mintToken function of a smart contract implementation for CarToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13747 | Vanminhcoin Project | Integer Overflow or Wraparound vulnerability in Vanminhcoin Project Vanminhcoin The mintToken function of a smart contract implementation for VanMinhCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13746 | Kbit Project | Integer Overflow or Wraparound vulnerability in Kbit Project Kbit The mintToken function of a smart contract implementation for kBit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13745 | Stctoken Project | Integer Overflow or Wraparound vulnerability in Stctoken Project Stctoken The mintToken function of a smart contract implementation for STCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13744 | Crowdnext Project | Integer Overflow or Wraparound vulnerability in Crowdnext Project Crowdnext The mintToken function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13743 | Sectoken Project | Integer Overflow or Wraparound vulnerability in Sectoken Project Sectoken The mintToken function of a smart contract implementation for SuperEnergy (SEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13742 | Tickets Project | Integer Overflow or Wraparound vulnerability in Tickets Project Tickets The mintToken function of a smart contract implementation for tickets (TKT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13741 | Ablgenesistoken Project | Integer Overflow or Wraparound vulnerability in Ablgenesistoken Project Ablgenesistoken The mintToken function of a smart contract implementation for ABLGenesisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13740 | Onechain Project | Integer Overflow or Wraparound vulnerability in Onechain Project Onechain The mintToken function of a smart contract implementation for OneChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13739 | Dopnetwork Project | Integer Overflow or Wraparound vulnerability in Dopnetwork Project Dopnetwork The mintToken function of a smart contract implementation for dopnetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13738 | Pelocointoken Project | Integer Overflow or Wraparound vulnerability in Pelocointoken Project Pelocointoken The mintToken function of a smart contract implementation for PELOCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13737 | Anovabace Project | Integer Overflow or Wraparound vulnerability in Anovabace Project Anovabace The mintToken function of a smart contract implementation for AnovaBace, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13736 | Elearningcoinerc Project | Integer Overflow or Wraparound vulnerability in Elearningcoinerc Project Elearningcoinerc The mintToken function of a smart contract implementation for ELearningCoinERC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13735 | Entertoken Project | Integer Overflow or Wraparound vulnerability in Entertoken Project Entertoken The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13734 | Azttoken Project | Integer Overflow or Wraparound vulnerability in Azttoken Project Azttoken The mintToken function of a smart contract implementation for AZTToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13733 | Projectj Project | Integer Overflow or Wraparound vulnerability in Projectj Project Projectj The mintToken function of a smart contract implementation for ProjectJ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13732 | Riptidecoin Project | Integer Overflow or Wraparound vulnerability in Riptidecoin Project Riptidecoin The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13731 | Tokenmachu Project | Integer Overflow or Wraparound vulnerability in Tokenmachu Project Tokenmachu The mintToken function of a smart contract implementation for TokenMACHU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13730 | HEY Project | Integer Overflow or Wraparound vulnerability in HEY Project HEY The mintToken function of a smart contract implementation for HEY, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13729 | Jpmd100B Project | Integer Overflow or Wraparound vulnerability in Jpmd100B Project Jpmd100B The mintToken function of a smart contract implementation for JPMD100B, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13728 | Jixocoin Project | Integer Overflow or Wraparound vulnerability in Jixocoin Project Jixocoin The mintToken function of a smart contract implementation for JixoCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13727 | Eastcoin Project | Integer Overflow or Wraparound vulnerability in Eastcoin Project Eastcoin The mintToken function of a smart contract implementation for Eastcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13726 | Iseevoicetoken Project | Integer Overflow or Wraparound vulnerability in Iseevoicetoken Project Iseevoicetoken The mintToken function of a smart contract implementation for ISeeVoiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13725 | Globalsupergametoken Project | Integer Overflow or Wraparound vulnerability in Globalsupergametoken Project Globalsupergametoken The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13724 | Hyipcrowdsale1 Project | Integer Overflow or Wraparound vulnerability in Hyipcrowdsale1 Project Hyipcrowdsale1 The mint function of a smart contract implementation for HYIPCrowdsale1, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13723 | Servviziotoken Project | Integer Overflow or Wraparound vulnerability in Servviziotoken Project Servviziotoken The mintToken function of a smart contract implementation for SERVVIZIOToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13722 | Hyiptoken Project | Integer Overflow or Wraparound vulnerability in Hyiptoken Project Hyiptoken The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13721 | Gomineworld Project | Integer Overflow or Wraparound vulnerability in Gomineworld Project Gomineworld The mintToken function of a smart contract implementation for GoMineWorld, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13720 | Landcoin Project | Integer Overflow or Wraparound vulnerability in Landcoin Project Landcoin The mintToken function of a smart contract implementation for Antoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13719 | Bitedutoken Project | Integer Overflow or Wraparound vulnerability in Bitedutoken Project Bitedutoken The mintToken function of a smart contract implementation for BiteduToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13718 | Futurxe | Integer Overflow or Wraparound vulnerability in Futurxe The mintToken function of a smart contract implementation for FuturXe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13717 | Hormitechtoken Project | Integer Overflow or Wraparound vulnerability in Hormitechtoken Project Hormitechtoken The mintToken function of a smart contract implementation for HormitechToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13716 | Sexhdsolo Project | Integer Overflow or Wraparound vulnerability in Sexhdsolo Project Sexhdsolo The mintToken function of a smart contract implementation for sexhdsolo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13715 | Bpstoken Project | Integer Overflow or Wraparound vulnerability in Bpstoken Project Bpstoken The mintToken function of a smart contract implementation for BpsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13714 | CM Project | Integer Overflow or Wraparound vulnerability in CM Project CM The mintToken function of a smart contract implementation for CM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13713 | Tradesman Project | Integer Overflow or Wraparound vulnerability in Tradesman Project Tradesman The mintToken function of a smart contract implementation for Tradesman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13712 | Pmet Project | Integer Overflow or Wraparound vulnerability in Pmet Project Pmet The mintToken function of a smart contract implementation for PMET, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13711 | Databits Project | Integer Overflow or Wraparound vulnerability in Databits Project Databits The mintToken function of a smart contract implementation for Databits, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13710 | Mjolnir Project | Integer Overflow or Wraparound vulnerability in Mjolnir Project Mjolnir The mintToken function of a smart contract implementation for Mjolnir, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13709 | Diytubecoin Project | Integer Overflow or Wraparound vulnerability in Diytubecoin Project Diytubecoin The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13708 | Buytoken Project | Integer Overflow or Wraparound vulnerability in Buytoken Project Buytoken The mintToken function of a smart contract implementation for Order (ETH) (Contract Name: BuyToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13707 | YSS Project | Integer Overflow or Wraparound vulnerability in YSS Project YSS The mintToken function of a smart contract implementation for YSS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13706 | Ideacoin Project | Integer Overflow or Wraparound vulnerability in Ideacoin Project Ideacoin The mintToken function of a smart contract implementation for IdeaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13705 | Pmhtoken Project | Integer Overflow or Wraparound vulnerability in Pmhtoken Project Pmhtoken The mintToken function of a smart contract implementation for PMHToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13704 | Eddtoken Project | Integer Overflow or Wraparound vulnerability in Eddtoken Project Eddtoken The mintToken function of a smart contract implementation for eddToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13703 | Cerb Coin Project | Integer Overflow or Wraparound vulnerability in Cerb Coin Project Cerb Coin The mintToken function of a smart contract implementation for CERB_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13702 | Essence Project | Integer Overflow or Wraparound vulnerability in Essence Project Essence The mintToken function of a smart contract implementation for Essence, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13701 | Kissme Project | Integer Overflow or Wraparound vulnerability in Kissme Project Kissme The mintToken function of a smart contract implementation for KissMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13700 | Ipmcoin Project | Integer Overflow or Wraparound vulnerability in Ipmcoin Project Ipmcoin The mintToken function of a smart contract implementation for IPMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13699 | Destineedtoken Project | Integer Overflow or Wraparound vulnerability in Destineedtoken Project Destineedtoken The mintToken function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13698 | Play2Livepromo Project | Integer Overflow or Wraparound vulnerability in Play2Livepromo Project Play2Livepromo The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13697 | Robotbtc Project | Integer Overflow or Wraparound vulnerability in Robotbtc Project Robotbtc The mintToken function of a smart contract implementation for RobotBTC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13696 | Redticket Project | Integer Overflow or Wraparound vulnerability in Redticket Project Redticket The mintToken function of a smart contract implementation for RedTicket, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13695 | Ctest7 Project | Integer Overflow or Wraparound vulnerability in Ctest7 Project Ctest7 The mint function of a smart contract implementation for CTest7, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13694 | Gmile Project | Integer Overflow or Wraparound vulnerability in Gmile Project Gmile The mintToken function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13693 | Greenenergytoken Project | Integer Overflow or Wraparound vulnerability in Greenenergytoken Project Greenenergytoken The mintToken function of a smart contract implementation for GreenEnergyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13692 | Mehditazitoken Project | Integer Overflow or Wraparound vulnerability in Mehditazitoken Project Mehditazitoken The mintToken function of a smart contract implementation for MehdiTAZIToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13691 | Rtokenmain Project | Integer Overflow or Wraparound vulnerability in Rtokenmain Project Rtokenmain The mintToken function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13690 | Instacocoa Project | Integer Overflow or Wraparound vulnerability in Instacocoa Project Instacocoa The mintToken function of a smart contract implementation for Instacocoa, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13689 | Cjxtoken Project | Integer Overflow or Wraparound vulnerability in Cjxtoken Project Cjxtoken The mintToken function of a smart contract implementation for CJXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13688 | Malltoken Project | Integer Overflow or Wraparound vulnerability in Malltoken Project Malltoken The mintToken function of a smart contract implementation for MallToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13687 | Normikaivo Project | Integer Overflow or Wraparound vulnerability in Normikaivo Project Normikaivo The mintToken function of a smart contract implementation for normikaivo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13686 | Icodollar Project | Integer Overflow or Wraparound vulnerability in Icodollar Project Icodollar The mintToken function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13685 | Vornoxcointoken Project | Integer Overflow or Wraparound vulnerability in Vornoxcointoken Project Vornoxcointoken The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13684 | ZIP Project | Integer Overflow or Wraparound vulnerability in ZIP Project ZIP The mintToken function of a smart contract implementation for ZIP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13683 | Exsulcoin Project | Integer Overflow or Wraparound vulnerability in Exsulcoin Project Exsulcoin The mintToken function of a smart contract implementation for exsulcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13682 | Vitemoneycoin Project | Integer Overflow or Wraparound vulnerability in Vitemoneycoin Project Vitemoneycoin The mintToken function of a smart contract implementation for ViteMoneyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13681 | Soscoin Project | Integer Overflow or Wraparound vulnerability in Soscoin Project Soscoin The mintToken function of a smart contract implementation for SOSCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13680 | Lexittoken Project | Integer Overflow or Wraparound vulnerability in Lexittoken Project Lexittoken The mintToken function of a smart contract implementation for LexitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13679 | Zpecoin Project | Integer Overflow or Wraparound vulnerability in Zpecoin Project Zpecoin The mintToken function of a smart contract implementation for ZPEcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13678 | Lottery Project | Integer Overflow or Wraparound vulnerability in Lottery Project Lottery The mintToken function of a smart contract implementation for Lottery, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13677 | Goochain Project | Integer Overflow or Wraparound vulnerability in Goochain Project Goochain The mintToken function of a smart contract implementation for Goochain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13676 | Orderbookpresaletoken Project | Integer Overflow or Wraparound vulnerability in Orderbookpresaletoken Project Orderbookpresaletoken The mintToken function of a smart contract implementation for Orderbook Presale Token (OBP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13675 | Yambyo Project | Integer Overflow or Wraparound vulnerability in Yambyo Project Yambyo The mintToken function of a smart contract implementation for YAMBYO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13674 | Combilladvancedtoken Project | Integer Overflow or Wraparound vulnerability in Combilladvancedtoken Project Combilladvancedtoken The mintToken function of a smart contract implementation for ComBillAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13673 | Goldtokenerc20 Project | Integer Overflow or Wraparound vulnerability in Goldtokenerc20 Project Goldtokenerc20 The mintToken function of a smart contract implementation for GoldTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13672 | Obtcoin Project | Integer Overflow or Wraparound vulnerability in Obtcoin Project Obtcoin The mintToken function of a smart contract implementation for OBTCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13671 | Dinsteincoin Project | Integer Overflow or Wraparound vulnerability in Dinsteincoin Project Dinsteincoin The mintToken function of a smart contract implementation for DinsteinCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13670 | Gfcoin | Integer Overflow or Wraparound vulnerability in Gfcoin Gfcb The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13669 | NCU Project | Integer Overflow or Wraparound vulnerability in NCU Project NCU The mintToken function of a smart contract implementation for NCU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13668 | Btpcoin Project | Integer Overflow or Wraparound vulnerability in Btpcoin Project Btpcoin The mintToken function of a smart contract implementation for BTPCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13667 | Utbtokentest Project | Integer Overflow or Wraparound vulnerability in Utbtokentest Project Utbtokentest The mintToken function of a smart contract implementation for UTBTokenTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13666 | Eristicaico Project | Integer Overflow or Wraparound vulnerability in Eristicaico Project Eristicaico The mintToken function of a smart contract implementation for EristicaICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13665 | Bcaas Project | Integer Overflow or Wraparound vulnerability in Bcaas Project Bcaas The mintToken function of a smart contract implementation for BCaaS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13664 | CWS Project | Integer Overflow or Wraparound vulnerability in CWS Project CWS The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13663 | Bsctoken Project | Integer Overflow or Wraparound vulnerability in Bsctoken Project Bsctoken The mintToken function of a smart contract implementation for BSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13662 | Worldopctionchain Project | Integer Overflow or Wraparound vulnerability in Worldopctionchain Project Worldopctionchain The mintToken function of a smart contract implementation for WorldOpctionChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13661 | APP Project | Integer Overflow or Wraparound vulnerability in APP Project APP The mintToken function of a smart contract implementation for APP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13660 | Billionrewardstoken Project | Integer Overflow or Wraparound vulnerability in Billionrewardstoken Project Billionrewardstoken The mint function of a smart contract implementation for BillionRewardsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13659 | Briancoin Project | Integer Overflow or Wraparound vulnerability in Briancoin Project Briancoin The mintToken function of a smart contract implementation for BrianCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13658 | Thegodgital Project | Integer Overflow or Wraparound vulnerability in Thegodgital Project Thegodgital The mintToken function of a smart contract implementation for TheGoDgital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13657 | Rice Project | Integer Overflow or Wraparound vulnerability in Rice Project Rice The mintToken function of a smart contract implementation for Rice, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13656 | Cashbackmintable Project | Integer Overflow or Wraparound vulnerability in Cashbackmintable Project Cashbackmintable The mintToken function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13655 | Gfcoin | Integer Overflow or Wraparound vulnerability in Gfcoin Gfcb The mintToken function of a smart contract implementation for GFC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13654 | Ests | Integer Overflow or Wraparound vulnerability in Ests Eststoken The mintToken function of a smart contract implementation for ESTSToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13653 | Ipshoots Project | Integer Overflow or Wraparound vulnerability in Ipshoots Project Ipshoots The mintToken function of a smart contract implementation for ipshoots, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13652 | Thegodigital Project | Integer Overflow or Wraparound vulnerability in Thegodigital Project Thegodigital The mintToken function of a smart contract implementation for TheGoDigital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13651 | Micoinnetworktoken Project | Integer Overflow or Wraparound vulnerability in Micoinnetworktoken Project Micoinnetworktoken The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13650 | Bitmaxertoken Project | Integer Overflow or Wraparound vulnerability in Bitmaxertoken Project Bitmaxertoken The mintToken function of a smart contract implementation for BitmaxerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13649 | Tokitdeployer Project | Integer Overflow or Wraparound vulnerability in Tokitdeployer Project Tokitdeployer The mintToken function of a smart contract implementation for Deploy, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13648 | Bgcgtoken Project | Integer Overflow or Wraparound vulnerability in Bgcgtoken Project Bgcgtoken The mintToken function of a smart contract implementation for BGC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13647 | Truegoldcoin | Integer Overflow or Wraparound vulnerability in Truegoldcoin Truegoldcointoken The mintToken function of a smart contract implementation for TrueGoldCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13646 | Datiac Project | Integer Overflow or Wraparound vulnerability in Datiac Project Datiac The mintToken function of a smart contract implementation for Datiac, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13645 | Fiocoin Project | Integer Overflow or Wraparound vulnerability in Fiocoin Project Fiocoin The mintToken function of a smart contract implementation for Fiocoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13644 | Royalclassiccoin Project | Integer Overflow or Wraparound vulnerability in Royalclassiccoin Project Royalclassiccoin The mintToken function of a smart contract implementation for RoyalClassicCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13643 | Gcrtokenerc20 Project | Integer Overflow or Wraparound vulnerability in Gcrtokenerc20 Project Gcrtokenerc20 The mintToken function of a smart contract implementation for GCRTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13642 | Secoin Project | Integer Overflow or Wraparound vulnerability in Secoin Project Secoin The mintToken function of a smart contract implementation for SECoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13641 | Mvgcoin Project | Integer Overflow or Wraparound vulnerability in Mvgcoin Project Mvgcoin The mintToken function of a smart contract implementation for MVGcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13640 | Ethereumsmart Project | Integer Overflow or Wraparound vulnerability in Ethereumsmart Project Ethereumsmart The mintToken function of a smart contract implementation for EthereumSmart, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13639 | VEU Tokenerc20 Project | Integer Overflow or Wraparound vulnerability in VEU Tokenerc20 Project VEU Tokenerc20 The mintToken function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13638 | Bitpark Project | Integer Overflow or Wraparound vulnerability in Bitpark Project Bitpark The mintToken function of a smart contract implementation for Bitpark, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13637 | Cikkaa | Integer Overflow or Wraparound vulnerability in Cikkaa Cikkacoin The mintToken function of a smart contract implementation for CikkaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13636 | Turdcoin Project | Integer Overflow or Wraparound vulnerability in Turdcoin Project Turdcoin The mintToken function of a smart contract implementation for TurdCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13635 | Hbcm Project | Integer Overflow or Wraparound vulnerability in Hbcm Project Hbcm The mintToken function of a smart contract implementation for HBCM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13634 | MCT | Integer Overflow or Wraparound vulnerability in MCT Mediacubetoken The mintToken function of a smart contract implementation for MediaCubeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13633 | Martcoin | Integer Overflow or Wraparound vulnerability in Martcoin The mintToken function of a smart contract implementation for Martcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13632 | Nexpara Project | Integer Overflow or Wraparound vulnerability in Nexpara Project Nexpara The mintToken function of a smart contract implementation for NEXPARA, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13631 | DOC Coin | Integer Overflow or Wraparound vulnerability in Doc-Coin Doccoin The mintToken function of a smart contract implementation for doccoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13630 | Doccoinpreico Project | Integer Overflow or Wraparound vulnerability in Doccoinpreico Project Doccoinpreico The mintToken function of a smart contract implementation for DoccoinPreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13629 | Crimsonshilling Project | Integer Overflow or Wraparound vulnerability in Crimsonshilling Project Crimsonshilling The mintToken function of a smart contract implementation for CrimsonShilling, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13628 | Momentumprotocol | Integer Overflow or Wraparound vulnerability in Momentumprotocol Momentumtoken The mintToken function of a smart contract implementation for MomentumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13627 | Myoffer Project | Integer Overflow or Wraparound vulnerability in Myoffer Project Myoffer The mintToken function of a smart contract implementation for MyOffer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13626 | Semaintoken Project | Integer Overflow or Wraparound vulnerability in Semaintoken Project Semaintoken The mintToken function of a smart contract implementation for SemainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13625 | Plutocracy | Integer Overflow or Wraparound vulnerability in Plutocracy Krown The mintlvlToken function of a smart contract implementation for Krown, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13624 | Wxsltoken Project | Integer Overflow or Wraparound vulnerability in Wxsltoken Project Wxsltoken The mintToken function of a smart contract implementation for WXSLToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13623 | Cryptics | Integer Overflow or Wraparound vulnerability in Cryptics Airdroppercryptics The mintToken function of a smart contract implementation for AirdropperCryptics, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13622 | Objectledger | Integer Overflow or Wraparound vulnerability in Objectledger Objecttoken The mintToken function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13621 | Soundtribetoken Project | Integer Overflow or Wraparound vulnerability in Soundtribetoken Project Soundtribetoken The mintToken function of a smart contract implementation for SoundTribeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13620 | Tripcash Project | Integer Overflow or Wraparound vulnerability in Tripcash Project Tripcash The mintToken function of a smart contract implementation for TripCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13619 | Micointoken Project | Integer Overflow or Wraparound vulnerability in Micointoken Project Micointoken The mintToken function of a smart contract implementation for MicoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13618 | Vicetoken ICO IS A Scam Project | Integer Overflow or Wraparound vulnerability in Vicetoken ICO IS a Scam Project Vicetoken ICO IS a Scam The mintToken function of a smart contract implementation for VICETOKEN_ICO_IS_A_SCAM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13617 | Captoz Project | Integer Overflow or Wraparound vulnerability in Captoz Project Captoz The mintToken function of a smart contract implementation for CAPTOZ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13616 | Ioct Coin Project | Integer Overflow or Wraparound vulnerability in Ioct Coin Project Ioct Coin The mintToken function of a smart contract implementation for IOCT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13615 | Mjctoken Project | Integer Overflow or Wraparound vulnerability in Mjctoken Project Mjctoken The mintToken function of a smart contract implementation for MJCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13614 | Mavcash Project | Integer Overflow or Wraparound vulnerability in Mavcash Project Mavcash The mintToken function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13613 | Con0217 Project | Integer Overflow or Wraparound vulnerability in Con0217 Project Con0217 The mintToken function of a smart contract implementation for CON0217, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13612 | Robincoin Project | Integer Overflow or Wraparound vulnerability in Robincoin Project Robincoin The mintToken function of a smart contract implementation for Robincoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13611 | Ucoincorp | Integer Overflow or Wraparound vulnerability in Ucoincorp Cdcurrency The mintToken function of a smart contract implementation for CDcurrency, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13610 | Medicayunlink | Integer Overflow or Wraparound vulnerability in Medicayunlink The mintToken function of a smart contract implementation for MedicayunLink, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13609 | CSA Estate | Integer Overflow or Wraparound vulnerability in Csa-Estate Csatoken The mintToken function of a smart contract implementation for CSAToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13608 | Archercoin Project | Integer Overflow or Wraparound vulnerability in Archercoin Project Archercoin The mintToken function of a smart contract implementation for archercoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13607 | Residualshare Project | Integer Overflow or Wraparound vulnerability in Residualshare Project Residualshare The mintToken function of a smart contract implementation for ResidualShare, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13606 | Archain Project | Integer Overflow or Wraparound vulnerability in Archain Project Archain The mintToken function of a smart contract implementation for ARChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13605 | Extremetoken Project | Integer Overflow or Wraparound vulnerability in Extremetoken Project Extremetoken The mintToken function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13604 | Wellieat Project | Integer Overflow or Wraparound vulnerability in Wellieat Project Wellieat The mintToken function of a smart contract implementation for wellieat, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13603 | Briant2Token Project | Integer Overflow or Wraparound vulnerability in Briant2Token Project Briant2Token The mintToken function of a smart contract implementation for Briant2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13602 | Marcelominingtoken Project | Integer Overflow or Wraparound vulnerability in Marcelominingtoken Project Marcelominingtoken The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13601 | Galacticx Project | Integer Overflow or Wraparound vulnerability in Galacticx Project Galacticx The mintToken function of a smart contract implementation for GalacticX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13600 | Amtoken Project | Integer Overflow or Wraparound vulnerability in Amtoken Project Amtoken The mintToken function of a smart contract implementation for AMToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13599 | Residualvalue Project | Integer Overflow or Wraparound vulnerability in Residualvalue Project Residualvalue The mintToken function of a smart contract implementation for ResidualValue, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13598 | Sendme Project | Integer Overflow or Wraparound vulnerability in Sendme Project Sendme The mintToken function of a smart contract implementation for SendMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13597 | Testcoin Project | Integer Overflow or Wraparound vulnerability in Testcoin Project Testcoin The mintToken function of a smart contract implementation for testcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13596 | Testahihi Project | Integer Overflow or Wraparound vulnerability in Testahihi Project Testahihi The mintToken function of a smart contract implementation for TESTAhihi, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13595 | Bitstore Project | Integer Overflow or Wraparound vulnerability in Bitstore Project Bitstore The mintToken function of a smart contract implementation for BitStore, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13594 | Cardfactory Project | Integer Overflow or Wraparound vulnerability in Cardfactory Project Cardfactory The mintToken function of a smart contract implementation for CardFactory, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13593 | Osscardtoken Project | Integer Overflow or Wraparound vulnerability in Osscardtoken Project Osscardtoken The mintToken function of a smart contract implementation for CardToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13592 | Rajtestico Project | Integer Overflow or Wraparound vulnerability in Rajtestico Project Rajtestico The mintToken function of a smart contract implementation for RajTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13591 | Kapcoin Project | Integer Overflow or Wraparound vulnerability in Kapcoin Project Kapcoin The mintToken function of a smart contract implementation for KAPcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13590 | Sipcoin | Integer Overflow or Wraparound vulnerability in Sipcoin The mintToken function of a smart contract implementation for SIPCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13589 | Mooadvtoken Project | Integer Overflow or Wraparound vulnerability in Mooadvtoken Project Mooadvtoken The mintToken function of a smart contract implementation for MooAdvToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13588 | Code47 | Integer Overflow or Wraparound vulnerability in Code47 The mintToken function of a smart contract implementation for Code47 (C47), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13587 | Dectoken Project | Integer Overflow or Wraparound vulnerability in Dectoken Project Dectoken The mintToken function of a smart contract implementation for DECToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13586 | Nectarcoin Project | Integer Overflow or Wraparound vulnerability in Nectarcoin Project Nectarcoin The mintToken function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13585 | Cherrycoin Project | Integer Overflow or Wraparound vulnerability in Cherrycoin Project Cherrycoin The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13584 | Yasudem Project | Integer Overflow or Wraparound vulnerability in Yasudem Project Yasudem The mintToken function of a smart contract implementation for yasudem, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13583 | Shmoo Project | Integer Overflow or Wraparound vulnerability in Shmoo Project Shmoo The mintToken function of a smart contract implementation for Shmoo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13582 | My2Token Project | Integer Overflow or Wraparound vulnerability in My2Token Project My2Token The mintToken function of a smart contract implementation for My2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13581 | Travelcoins | Integer Overflow or Wraparound vulnerability in Travelcoins Travelcointoken The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13580 | Providencecasino Project | Integer Overflow or Wraparound vulnerability in Providencecasino Project Providencecasino The mintToken function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13579 | Forevercoin Project | Integer Overflow or Wraparound vulnerability in Forevercoin Project Forevercoin The mintToken function of a smart contract implementation for ForeverCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13578 | Galaxycoin Project | Integer Overflow or Wraparound vulnerability in Galaxycoin Project Galaxycoin The mintToken function of a smart contract implementation for GalaxyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13577 | Advancedshit Project | Integer Overflow or Wraparound vulnerability in Advancedshit Project Advancedshit The mintToken function of a smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13576 | Juntspercreixer | Integer Overflow or Wraparound vulnerability in Juntspercreixer The mintToken function of a smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13575 | Yestoken Project | Integer Overflow or Wraparound vulnerability in Yestoken Project Yestoken The mintToken function of a smart contract implementation for YESToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13574 | Datashieldcoin Project | Integer Overflow or Wraparound vulnerability in Datashieldcoin Project Datashieldcoin The mintToken function of a smart contract implementation for DataShieldCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13573 | Trippay Project | Integer Overflow or Wraparound vulnerability in Trippay Project Trippay The mintToken function of a smart contract implementation for TripPay, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13572 | PGM Coin Project | Integer Overflow or Wraparound vulnerability in PGM Coin Project PGM Coin The mintToken function of a smart contract implementation for PGM_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13571 | Goramcoin | Integer Overflow or Wraparound vulnerability in Goramcoin The mintToken function of a smart contract implementation for GoramCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13570 | Kktestcoin1 Project | Integer Overflow or Wraparound vulnerability in Kktestcoin1 Project Kktestcoin1 The mint function of a smart contract implementation for kkTestCoin1 (KTC1), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13569 | Yaofache | Integer Overflow or Wraparound vulnerability in Yaofache Hittoken The mintToken function of a smart contract implementation for HitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13568 | Mktcoin | Integer Overflow or Wraparound vulnerability in Mktcoin The mintToken function of a smart contract implementation for MktCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13567 | Sdr22 Project | Integer Overflow or Wraparound vulnerability in Sdr22 Project Sdr22 The mintToken function of a smart contract implementation for SDR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13566 | Retainly | Integer Overflow or Wraparound vulnerability in Retainly Retntoken The mintToken function of a smart contract implementation for RETNToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13565 | Co2Bit Project | Integer Overflow or Wraparound vulnerability in Co2Bit Project Co2Bit The mintToken function of a smart contract implementation for Co2Bit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13564 | Gatcoin | Integer Overflow or Wraparound vulnerability in Gatcoin The mintToken function of a smart contract implementation for GATcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13563 | Upaytoken Project | Integer Overflow or Wraparound vulnerability in Upaytoken Project Upaytoken The mintToken function of a smart contract implementation for UPayToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13562 | Bmvcoin | Integer Overflow or Wraparound vulnerability in Bmvcoin The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13561 | Eth033 Project | Integer Overflow or Wraparound vulnerability in Eth033 Project Eth033 The mintToken function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13560 | Kelvintoken Project | Integer Overflow or Wraparound vulnerability in Kelvintoken Project Kelvintoken The mintToken function of a smart contract implementation for KelvinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13559 | Utct Project | Integer Overflow or Wraparound vulnerability in Utct Project Utct The mintToken function of a smart contract implementation for UTCT, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13558 | Rhovit Project | Integer Overflow or Wraparound vulnerability in Rhovit Project Rhovit The mintToken function of a smart contract implementation for rhovit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13557 | Trabet Coin Project | Integer Overflow or Wraparound vulnerability in Trabet Coin Project Trabet Coin The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13556 | Cosmotokenerc20 Project | Integer Overflow or Wraparound vulnerability in Cosmotokenerc20 Project Cosmotokenerc20 The mintToken function of a smart contract implementation for COSMOTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13555 | Jaxbox Project | Integer Overflow or Wraparound vulnerability in Jaxbox Project Jaxbox The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13554 | Moneytree Project | Integer Overflow or Wraparound vulnerability in Moneytree Project Moneytree The mintToken function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13553 | Microbtc Project | Integer Overflow or Wraparound vulnerability in Microbtc Project Microbtc The mintToken function of a smart contract implementation for Micro BTC (MBTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13552 | Trabet Coin Preico Project | Integer Overflow or Wraparound vulnerability in Trabet Coin Preico Project Trabet Coin Preico The mintToken function of a smart contract implementation for Trabet_Coin_PreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13551 | Bgamecoin Project | Integer Overflow or Wraparound vulnerability in Bgamecoin Project Bgamecoin The mintToken function of a smart contract implementation for Bgamecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13550 | Coquinhoerc20 Project | Integer Overflow or Wraparound vulnerability in Coquinhoerc20 Project Coquinhoerc20 The mintToken function of a smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13549 | Neurotoken | Integer Overflow or Wraparound vulnerability in Neurotoken The mintToken function of a smart contract implementation for NeuroToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13548 | Mimicoin Project | Integer Overflow or Wraparound vulnerability in Mimicoin Project Mimicoin The mintToken function of a smart contract implementation for Mimicoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13547 | PVE Project | Integer Overflow or Wraparound vulnerability in PVE Project PVE The mintToken function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13546 | Ccash Project | Integer Overflow or Wraparound vulnerability in Ccash Project Ccash The mintToken function of a smart contract implementation for CCASH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13545 | Hashshield Project | Integer Overflow or Wraparound vulnerability in Hashshield Project Hashshield The mintToken function of a smart contract implementation for HashShield, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13544 | Numisma | Integer Overflow or Wraparound vulnerability in Numisma The mintToken function of a smart contract implementation for Numisma, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13543 | Gemstonetoken Project | Integer Overflow or Wraparound vulnerability in Gemstonetoken Project Gemstonetoken The mintToken function of a smart contract implementation for GemstoneToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13542 | Zibtoken | Integer Overflow or Wraparound vulnerability in Zibtoken The mintToken function of a smart contract implementation for ZIBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13541 | Cryptoleu Project | Integer Overflow or Wraparound vulnerability in Cryptoleu Project Cryptoleu The mintToken function of a smart contract implementation for CryptoLeu, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13540 | GSI Project | Integer Overflow or Wraparound vulnerability in GSI Project GSI The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13539 | Bcxss Project | Integer Overflow or Wraparound vulnerability in Bcxss Project Bcxss The mintToken function of a smart contract implementation for Bcxss, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13538 | Sipctoken Project | Integer Overflow or Wraparound vulnerability in Sipctoken Project Sipctoken The mintToken function of a smart contract implementation for SIPCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13537 | Ethereumlegit Project | Integer Overflow or Wraparound vulnerability in Ethereumlegit Project Ethereumlegit The mintToken function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13536 | Erc20 ICO Project | Integer Overflow or Wraparound vulnerability in Erc20 ICO Project Erc20 ICO The mintToken function of a smart contract implementation for ERC20_ICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13535 | Paccoin | Integer Overflow or Wraparound vulnerability in Paccoin The mintToken function of a smart contract implementation for PACCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13534 | Speedcashtoken Project | Integer Overflow or Wraparound vulnerability in Speedcashtoken Project Speedcashtoken The mintToken function of a smart contract implementation for SpeedCashLite (SCSL), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13533 | Aluxdigital | Integer Overflow or Wraparound vulnerability in Aluxdigital Aluxtoken The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13532 | Mindexcoin | Integer Overflow or Wraparound vulnerability in Mindexcoin The mintToken function of a smart contract implementation for Mindexcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13531 | Maxhouse Project | Integer Overflow or Wraparound vulnerability in Maxhouse Project Maxhouse The mintToken function of a smart contract implementation for MaxHouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13530 | Huntercoin | Integer Overflow or Wraparound vulnerability in Huntercoin The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13529 | Betterthanadrien Project | Integer Overflow or Wraparound vulnerability in Betterthanadrien Project Betterthanadrien The mintToken function of a smart contract implementation for BetterThanAdrien, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13528 | Dhacoin Project | Integer Overflow or Wraparound vulnerability in Dhacoin Project Dhacoin The mintToken function of a smart contract implementation for DhaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13527 | Elevateico | Integer Overflow or Wraparound vulnerability in Elevateico Elevatecoin The mintToken function of a smart contract implementation for ElevateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13526 | Wangwangtoken Project | Integer Overflow or Wraparound vulnerability in Wangwangtoken Project Wangwangtoken The mintToken function of a smart contract implementation for WangWangToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13525 | Flow Project | Integer Overflow or Wraparound vulnerability in Flow Project Flow The mintToken function of a smart contract implementation for Flow, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13524 | Porn Coin | Integer Overflow or Wraparound vulnerability in Porn-Coin Porncoin The mintToken function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13523 | Smartpayment Project | Integer Overflow or Wraparound vulnerability in Smartpayment Project Smartpayment The mintToken function of a smart contract implementation for SmartPayment, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13522 | Exgroup Project | Integer Overflow or Wraparound vulnerability in Exgroup Project Exgroup The mintToken function of a smart contract implementation for EXGROUP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13521 | Pinky Token Project | Integer Overflow or Wraparound vulnerability in Pinky Token Project Pinky Token The mintToken function of a smart contract implementation for PinkyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13520 | Topscoinadvanced Project | Integer Overflow or Wraparound vulnerability in Topscoinadvanced Project Topscoinadvanced The mintToken function of a smart contract implementation for TopscoinAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13519 | Digital Cloud Token Project | Integer Overflow or Wraparound vulnerability in Digital Cloud Token Project Digital Cloud Token The mint function of a smart contract implementation for DigitalCloudToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13518 | Tcash Project | Integer Overflow or Wraparound vulnerability in Tcash Project Tcash The mintToken function of a smart contract implementation for TCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13517 | C3 Token Project | Integer Overflow or Wraparound vulnerability in C3 Token Project C3 Token The mintToken function of a smart contract implementation for C3 Token (C3), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13516 | Supercoolawesomemoney | Integer Overflow or Wraparound vulnerability in Supercoolawesomemoney Super Cool Awesome Money The mintToken function of a smart contract implementation for Super Cool Awesome Money (SCAM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13515 | Aman Project | Integer Overflow or Wraparound vulnerability in Aman Project Aman The mintToken function of a smart contract implementation for aman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13514 | Esportz Project | Integer Overflow or Wraparound vulnerability in Esportz Project Esportz The mintToken function of a smart contract implementation for esportz, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13513 | Ubiou | Integer Overflow or Wraparound vulnerability in Ubiou The mintToken function of a smart contract implementation for Ubiou, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13512 | Smarthomecoin Project | Integer Overflow or Wraparound vulnerability in Smarthomecoin Project Smarthomecoin The mintToken function of a smart contract implementation for SmartHomeCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13511 | Corellicoin Project | Integer Overflow or Wraparound vulnerability in Corellicoin Project Corellicoin The mintToken function of a smart contract implementation for CorelliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13510 | Welfare Token Fund Project | Integer Overflow or Wraparound vulnerability in Welfare Token Fund Project Welfare Token Fund The mintToken function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13509 | Iamrich Project | Integer Overflow or Wraparound vulnerability in Iamrich Project Iamrich The mintToken function of a smart contract implementation for IamRich, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13508 | Vicetoken | Integer Overflow or Wraparound vulnerability in Vicetoken Vittoken The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13507 | Slcadvancedtoken Project | Integer Overflow or Wraparound vulnerability in Slcadvancedtoken Project Slcadvancedtoken The mintToken function of a smart contract implementation for SLCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13506 | Self Drive Rental Project | Integer Overflow or Wraparound vulnerability in Self Drive Rental Project Self Drive Rental The mintToken function of a smart contract implementation for SDR22, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13505 | Ecogreenhouse Project | Integer Overflow or Wraparound vulnerability in Ecogreenhouse Project Ecogreenhouse The mintToken function of a smart contract implementation for ecogreenhouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13504 | Immcoin | Integer Overflow or Wraparound vulnerability in Immcoin The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13503 | South Park Token Token Project | Integer Overflow or Wraparound vulnerability in South Park Token Project South Park Token The mintToken function of a smart contract implementation for South Park Token Token (SPTKN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13502 | Heliumnetwork Project | Integer Overflow or Wraparound vulnerability in Heliumnetwork Project Heliumnetwork The mintToken function of a smart contract implementation for HeliumNetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13501 | Hrwtoken Project | Integer Overflow or Wraparound vulnerability in Hrwtoken Project Hrwtoken The mintToken function of a smart contract implementation for HRWtoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13500 | Missimx | Integer Overflow or Wraparound vulnerability in Missimx Msxadvanced The mintToken function of a smart contract implementation for MSXAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13499 | Pcncoin | Integer Overflow or Wraparound vulnerability in Pcncoin The mintToken function of a smart contract implementation for Crowdsale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13498 | Kapaycoin Project | Integer Overflow or Wraparound vulnerability in Kapaycoin Project Kapaycoin The mintToken function of a smart contract implementation for KAPAYcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13497 | Cobtoken Project | Integer Overflow or Wraparound vulnerability in Cobtoken Project Cobtoken The mintToken function of a smart contract implementation for COBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13496 | Rajtestico Project | Integer Overflow or Wraparound vulnerability in Rajtestico Project Rajtestico The mintToken function of a smart contract implementation for RajTestICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13495 | Kmctoken Project | Integer Overflow or Wraparound vulnerability in Kmctoken Project Kmctoken The mintToken function of a smart contract implementation for KMCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13494 | Susantoken Project | Integer Overflow or Wraparound vulnerability in Susantoken Project Susantoken The mintToken function of a smart contract implementation for SusanTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13493 | Daddytoken Project | Integer Overflow or Wraparound vulnerability in Daddytoken Project Daddytoken The mintToken function of a smart contract implementation for DaddyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13492 | GFX RS | Integer Overflow or Wraparound vulnerability in Gfx-Rs Naga The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13491 | Carrot Cartoon Book Coin Project | Integer Overflow or Wraparound vulnerability in Carrot Cartoon Book Coin Project Carrot Cartoon Book Coin The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13490 | Film Tokens BY Contrib Project | Integer Overflow or Wraparound vulnerability in Film Tokens BY Contrib Project Film Tokens BY Contrib The mintToken function of a smart contract implementation for FILM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13489 | Olliscoin Project | Integer Overflow or Wraparound vulnerability in Olliscoin Project Olliscoin The mintToken function of a smart contract implementation for OllisCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13488 | Crypto Alley Shares Project | Integer Overflow or Wraparound vulnerability in Crypto Alley Shares Project Crypto Alley Shares The mintToken function of a smart contract implementation for Crypto Alley Shares (CAST), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13487 | Plato Project | Integer Overflow or Wraparound vulnerability in Plato Project Plato The mintToken function of a smart contract implementation for PlatoToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13486 | Helpproject | Integer Overflow or Wraparound vulnerability in Helpproject Help The mintToken function of a smart contract implementation for HELP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13485 | Bitcoinagile Project | Integer Overflow or Wraparound vulnerability in Bitcoinagile Project Bitcoinagile The mintToken function of a smart contract implementation for BitcoinAgileToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13484 | CBR Token Project | Integer Overflow or Wraparound vulnerability in CBR Token Project CBR Token The mintToken function of a smart contract implementation for CBRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13483 | Mkethtoken Project | Integer Overflow or Wraparound vulnerability in Mkethtoken Project Mkethtoken The mintToken function of a smart contract implementation for mkethToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13482 | Ethercash Project | Integer Overflow or Wraparound vulnerability in Ethercash Project Ethercash The mintToken function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13481 | Triumland | Integer Overflow or Wraparound vulnerability in Triumland The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13480 | QRG Project | Integer Overflow or Wraparound vulnerability in QRG Project QRG The mintToken function of a smart contract implementation for QRG, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13479 | Slidebitstoken Project | Integer Overflow or Wraparound vulnerability in Slidebitstoken Project Slidebitstoken The mintToken function of a smart contract implementation for SlidebitsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13478 | Airbridge | Integer Overflow or Wraparound vulnerability in Airbridge Dmptoken The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13477 | CTE | Integer Overflow or Wraparound vulnerability in CTE Ctesale The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13476 | Philcoin | Integer Overflow or Wraparound vulnerability in Philcoin The mintToken function of a smart contract implementation for PhilCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13475 | Vsctoken Project | Integer Overflow or Wraparound vulnerability in Vsctoken Project Vsctoken The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13474 | Fanschaintoken Project | Integer Overflow or Wraparound vulnerability in Fanschaintoken Project Fanschaintoken The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13473 | Ohni Project | Integer Overflow or Wraparound vulnerability in Ohni Project Ohni The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13472 | Clouttoken Project | Integer Overflow or Wraparound vulnerability in Clouttoken Project Clouttoken The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13471 | Beyondcash | Integer Overflow or Wraparound vulnerability in Beyondcash Beyondcashtoken The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13470 | Buyertoken Project | Integer Overflow or Wraparound vulnerability in Buyertoken Project Buyertoken The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13469 | Icocontract Project | Integer Overflow or Wraparound vulnerability in Icocontract Project Icocontract The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13468 | Cavecoin Project | Integer Overflow or Wraparound vulnerability in Cavecoin Project Cavecoin The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13467 | Epnex | Integer Overflow or Wraparound vulnerability in Epnex Epiphanycoin The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13466 | Crystals | Integer Overflow or Wraparound vulnerability in Crystals The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13465 | Paulycoin Project | Integer Overflow or Wraparound vulnerability in Paulycoin Project Paulycoin The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13464 | T Swap Token Project | Integer Overflow or Wraparound vulnerability in T-Swap-Token Project T-Swap-Token The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13463 | T Swap Token Project | Integer Overflow or Wraparound vulnerability in T-Swap-Token Project T-Swap-Token The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-09 | CVE-2018-13462 | Moontoken Project | Integer Overflow or Wraparound vulnerability in Moontoken Project Moontoken The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 |
2018-07-12 | CVE-2017-14709 | Komoot | Improper Certificate Validation vulnerability in Komoot The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |
2018-07-11 | CVE-2018-11049 | EMC RSA | Uncontrolled Search Path Element vulnerability in multiple products RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. | 7.3 |
2018-07-10 | CVE-2018-10891 | Moodle | Unspecified vulnerability in Moodle A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. | 7.3 |
2018-07-13 | CVE-2018-1000207 | Modx | Incorrect Permission Assignment for Critical Resource vulnerability in Modx Revolution MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. | 7.2 |
2018-07-11 | CVE-2017-16709 | Crestron | Unspecified vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors. | 7.2 |
2018-07-11 | CVE-2018-8007 | Apache | Improper Input Validation vulnerability in Apache Couchdb Apache CouchDB administrative users can configure the database server via HTTP(S). | 7.2 |
2018-07-09 | CVE-2018-13790 | Concretecms | Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS 8.2.0 A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. | 7.2 |
2018-07-09 | CVE-2018-1000623 | Jfrog | Path Traversal vulnerability in Jfrog Artifactory JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint (/ui/artifactimport/upload) that can result in Directory traversal / file overwrite and remote code execution. | 7.2 |
2018-07-09 | CVE-2018-6831 | Foscam | OS Command Injection vulnerability in Foscam products The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a ';' in the ntpServer argument. | 7.2 |
2018-07-13 | CVE-2018-6969 | Vmware | Out-of-bounds Read vulnerability in VMWare Tools VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. | 7.0 |
125 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-07-13 | CVE-2018-10631 | Medtronic | Protection Mechanism Failure vulnerability in Medtronic N'Vision 8840 Firmware and N'Vision 8870 Firmware Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions. | 6.8 |
2018-07-10 | CVE-2018-1492 | IBM | Session Fixation vulnerability in IBM products IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. | 6.8 |
2018-07-10 | CVE-2018-3632 | Intel | Out-of-bounds Write vulnerability in Intel Active Management Technology Firmware Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. | 6.7 |
2018-07-10 | CVE-2017-5704 | Intel | Insufficiently Protected Credentials vulnerability in Intel Core I3 Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges. | 6.7 |
2018-07-09 | CVE-2018-13787 | Supermicro | Unspecified vulnerability in Supermicro products Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware. | 6.7 |
2018-07-11 | CVE-2018-8308 | Microsoft | Improper Resource Shutdown or Release vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 6.6 |
2018-07-15 | CVE-2018-14055 | ZNC Debian | Improper Input Validation vulnerability in multiple products ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. | 6.5 |
2018-07-13 | CVE-2016-9496 | Hughes | Missing Authentication for Critical Function vulnerability in Hughes products Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. | 6.5 |
2018-07-13 | CVE-2016-9494 | Hughes | Improper Input Validation vulnerability in Hughes products Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. | 6.5 |
2018-07-13 | CVE-2018-14052 | Libwav Project | Unspecified vulnerability in Libwav Project Libwav An issue has been found in libwav through 2017-04-20. | 6.5 |
2018-07-13 | CVE-2018-14050 | Libwav Project | Unspecified vulnerability in Libwav Project Libwav An issue has been found in libwav through 2017-04-20. | 6.5 |
2018-07-13 | CVE-2018-14049 | Libwav Project | Unspecified vulnerability in Libwav Project Libwav An issue has been found in libwav through 2017-04-20. | 6.5 |
2018-07-13 | CVE-2018-14048 | Libpng Oracle | An issue has been found in libpng 1.6.34. | 6.5 |
2018-07-13 | CVE-2018-14036 | Freedesktop | Path Traversal vulnerability in Freedesktop Accountsservice Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. | 6.5 |
2018-07-12 | CVE-2018-13796 | GNU | Improper Input Validation vulnerability in GNU Mailman An issue was discovered in GNU Mailman before 2.1.28. | 6.5 |
2018-07-12 | CVE-2018-12979 | Wago | Incorrect Permission Assignment for Critical Resource vulnerability in Wago products An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. | 6.5 |
2018-07-11 | CVE-2018-0029 | Juniper | Resource Exhaustion vulnerability in Juniper Junos While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore). | 6.5 |
2018-07-11 | CVE-2018-10232 | Topdesk | Cross-Site Request Forgery (CSRF) vulnerability in Topdesk 5.7/8.05.001/8.05.016 Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors. | 6.5 |
2018-07-11 | CVE-2018-8305 | Microsoft | Information Exposure vulnerability in Microsoft Windows Calendar, Windows Mail and Windows People An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka "Windows Mail Client Information Disclosure Vulnerability." This affects Mail, Calendar, and People in Windows 8.1 App Store. | 6.5 |
2018-07-11 | CVE-2018-8276 | Microsoft | Unspecified vulnerability in Microsoft Edge A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka "Scripting Engine Security Feature Bypass Vulnerability." This affects Microsoft Edge, ChakraCore. | 6.5 |
2018-07-11 | CVE-2018-0949 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 10/11/9 A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | 6.5 |
2018-07-10 | CVE-2018-3629 | Intel | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Active Management Technology Firmware Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. | 6.5 |
2018-07-10 | CVE-2018-1423 | IBM | Information Exposure vulnerability in IBM products IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. | 6.5 |
2018-07-10 | CVE-2018-1129 | Redhat Ceph Debian Opensuse | Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. | 6.5 |
2018-07-10 | CVE-2018-10888 | Libgit2 Debian | Out-of-bounds Read vulnerability in multiple products A flaw was found in libgit2 before version 0.27.3. | 6.5 |
2018-07-09 | CVE-2018-5001 | Adobe Redhat | Out-of-bounds Read vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. | 6.5 |
2018-07-09 | CVE-2018-5000 | Adobe Redhat | Integer Overflow or Wraparound vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. | 6.5 |
2018-07-09 | CVE-2018-4999 | Adobe | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds read vulnerability. | 6.5 |
2018-07-09 | CVE-2018-4979 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Security Bypass vulnerability. | 6.5 |
2018-07-09 | CVE-2018-4972 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 6.5 |
2018-07-09 | CVE-2018-4951 | Adobe | Out-of-bounds Read vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. | 6.5 |
2018-07-09 | CVE-2018-13785 | Libpng Canonical Oracle Redhat | Integer Overflow or Wraparound vulnerability in multiple products In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. | 6.5 |
2018-07-13 | CVE-2018-9070 | Lenovo | Unspecified vulnerability in Lenovo Smart Assistant For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. | 6.4 |
2018-07-13 | CVE-2016-9500 | Accellion | Cross-site Scripting vulnerability in Accellion FTP Server Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting. | 6.1 |
2018-07-13 | CVE-2016-9493 | Jqueryform | Cross-site Scripting vulnerability in Jqueryform PHP Formmail Generator 20161206 The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to stored cross-site scripting. | 6.1 |
2018-07-13 | CVE-2018-1255 | EMC | Cross-site Scripting vulnerability in EMC RSA Identity Governance and Lifecycle 7.0.1/7.0.2/7.1.0 RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. | 6.1 |
2018-07-13 | CVE-2018-14042 | Getbootstrap | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | 6.1 |
2018-07-13 | CVE-2018-14041 | Getbootstrap | Cross-site Scripting vulnerability in Getbootstrap Bootstrap 4.0.0/4.1.0/4.1.1 In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. | 6.1 |
2018-07-13 | CVE-2018-14040 | Debian Getbootstrap | Cross-site Scripting vulnerability in multiple products In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | 6.1 |
2018-07-11 | CVE-2018-10231 | Topdesk | Cross-site Scripting vulnerability in Topdesk Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 6.1 |
2018-07-11 | CVE-2013-0594 | IBM | Open Redirect vulnerability in IBM Inotes Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |
2018-07-11 | CVE-2018-13878 | Rocket Chat | Cross-site Scripting vulnerability in Rocket.Chat An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. | 6.1 |
2018-07-11 | CVE-2018-8278 | Microsoft | Authentication Bypass by Spoofing vulnerability in Microsoft Edge A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 6.1 |
2018-07-10 | CVE-2018-13865 | Idreamsoft | Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in idreamsoft iCMS 7.0.9. | 6.1 |
2018-07-10 | CVE-2018-12462 | Netiq | Cross-site Scripting vulnerability in Netiq Imanager 3.1.1 NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. | 6.1 |
2018-07-10 | CVE-2018-2435 | SAP | Cross-site Scripting vulnerability in SAP Netweaver Enterprise Portal SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 |
2018-07-10 | CVE-2018-2431 | SAP | Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.10/4.20 SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 |
2018-07-10 | CVE-2018-13849 | Instagram Clone Project | Cross-site Scripting vulnerability in Instagram-Clone Project Instagram-Clone 20180423 edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace. | 6.1 |
2018-07-09 | CVE-2018-11450 | Siemens | Cross-site Scripting vulnerability in Siemens Teamcenter Product Lifecycle Management 9.1.2.5 A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). | 6.1 |
2018-07-09 | CVE-2018-1000611 | Openconext | Cross-site Scripting vulnerability in Openconext Engineblock SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross Site Scripting (XSS) vulnerability that can result in Allows an attacker to inject arbitrary web scripts or HTML into help and login pages. | 6.1 |
2018-07-09 | CVE-2013-2999 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7 Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2018-07-09 | CVE-2018-13256 | Chartered Accountant | Cross-site Scripting vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1 PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter. | 6.1 |
2018-07-13 | CVE-2016-6543 | Ieasytec | Improper Access Control vulnerability in Ieasytec Itrack Easy A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device. | 5.9 |
2018-07-13 | CVE-2017-1395 | IBM | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2018-07-12 | CVE-2017-14710 | Shein | Improper Certificate Validation vulnerability in Shein Shein-Fashion Shopping Online The Shein Group Ltd. | 5.9 |
2018-07-12 | CVE-2017-14612 | Shpock | Improper Certificate Validation vulnerability in Shpock "Shpock Boot Sale & Classifieds" app before 3.17.0 -- aka shpock-boot-sale-classifieds/id557153158 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
2018-07-11 | CVE-2018-11045 | Pivotal Software | Use of Insufficiently Random Values vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. | 5.9 |
2018-07-11 | CVE-2016-0708 | Cloudfoundry | Information Exposure vulnerability in Cloudfoundry Cf-Release and Java Buildpack Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. | 5.9 |
2018-07-11 | CVE-2018-0034 | Juniper | Improper Input Validation vulnerability in Juniper Junos A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. | 5.9 |
2018-07-11 | CVE-2018-0031 | Juniper | Resource Exhaustion vulnerability in Juniper Junos Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. | 5.9 |
2018-07-11 | CVE-2018-0027 | Juniper | Improper Input Validation vulnerability in Juniper Junos 16.1 Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. | 5.9 |
2018-07-11 | CVE-2018-8304 | Microsoft | Unspecified vulnerability in Microsoft products A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 5.9 |
2018-07-10 | CVE-2018-2439 | SAP | Improper Input Validation vulnerability in SAP Internet Graphics Server The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the request is validated for authenticity and validity) and under certain conditions, will process invalid requests. | 5.9 |
2018-07-10 | CVE-2018-3693 | Intel ARM Oracle Schneider Electric Netapp Redhat Fujitsu | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | 5.6 |
2018-07-13 | CVE-2018-10098 | Escanav | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Escanav Escan Internet Security Suite 14.0.1400.2029 In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD). | 5.5 |
2018-07-13 | CVE-2018-14047 | Pngwriter Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pngwriter Project Pngwriter 0.7.0 An issue has been found in PNGwriter 0.7.0. | 5.5 |
2018-07-12 | CVE-2018-14017 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.7.0 The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_table_attr_new. | 5.5 |
2018-07-12 | CVE-2018-14016 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.7.0 The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file. | 5.5 |
2018-07-12 | CVE-2018-14015 | Radare | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 2.7.0 The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c. | 5.5 |
2018-07-12 | CVE-2018-13458 | Nagios | NULL Pointer Dereference vulnerability in Nagios Core qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | 5.5 |
2018-07-12 | CVE-2018-13457 | Nagios | NULL Pointer Dereference vulnerability in Nagios Core qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | 5.5 |
2018-07-12 | CVE-2018-13441 | Nagios | NULL Pointer Dereference vulnerability in Nagios qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | 5.5 |
2018-07-11 | CVE-2018-8356 | Microsoft | Improper Certificate Validation vulnerability in Microsoft products A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | 5.5 |
2018-07-11 | CVE-2018-8309 | Microsoft | Unspecified vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 5.5 |
2018-07-11 | CVE-2018-8306 | Microsoft | Command Injection vulnerability in Microsoft Wireless Display Adapter Firmware 2.0.8350/2.0.8365/2.0.8372 A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This affects Microsoft Wireless Display Adapter V2 Software. | 5.5 |
2018-07-10 | CVE-2018-10872 | Redhat | Unspecified vulnerability in Redhat products A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. | 5.5 |
2018-07-09 | CVE-2017-16890 | Swftools | Divide By Zero vulnerability in Swftools 0.9.2 SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero. | 5.5 |
2018-07-12 | CVE-2018-12981 | Wago | Cross-site Scripting vulnerability in Wago products An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. | 5.4 |
2018-07-12 | CVE-2018-8024 | Apache Mozilla | Information Exposure vulnerability in multiple products In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI. | 5.4 |
2018-07-11 | CVE-2013-0592 | IBM | Cross-site Scripting vulnerability in IBM Inotes Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2018-07-11 | CVE-2018-13879 | Rocket Chat | Cross-site Scripting vulnerability in Rocket.Chat A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. | 5.4 |
2018-07-11 | CVE-2018-8326 | Microsoft | Cross-site Scripting vulnerability in Microsoft web Customizations A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Directory Federation Services XSS Vulnerability." This affects Web Customizations. | 5.4 |
2018-07-11 | CVE-2018-8323 | Microsoft | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. | 5.4 |
2018-07-11 | CVE-2018-8299 | Microsoft | Cross-site Scripting vulnerability in Microsoft products An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. | 5.4 |
2018-07-10 | CVE-2018-2432 | SAP | Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2/4.3 SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user. | 5.4 |
2018-07-10 | CVE-2018-1549 | IBM | Injection vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. | 5.4 |
2018-07-10 | CVE-2018-1523 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2018-1396 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2017-1793 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2017-1792 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2017-1791 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2017-1738 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnerability that would allow an authenticated user to obtain elevated privileges. | 5.4 |
2018-07-10 | CVE-2017-1729 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2018-1521 | IBM | Cross-site Scripting vulnerability in IBM Rational Team Concert IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2018-1408 | IBM | Cross-site Scripting vulnerability in IBM Rational Team Concert IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2018-1407 | IBM | Cross-site Scripting vulnerability in IBM Rational Team Concert IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 5.4 |
2018-07-10 | CVE-2018-13388 | Atlassian | Cross-site Scripting vulnerability in Atlassian Fisheye The review attachment resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in attached files. | 5.4 |
2018-07-15 | CVE-2018-14056 | ZNC Debian | Path Traversal vulnerability in multiple products ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. | 5.3 |
2018-07-13 | CVE-2013-0570 | IBM | Information Exposure vulnerability in IBM Network Operating System The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. | 5.3 |
2018-07-13 | CVE-2016-9499 | Accellion | Information Exposure vulnerability in Accellion FTP Server Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. | 5.3 |
2018-07-13 | CVE-2017-1367 | IBM | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. | 5.3 |
2018-07-11 | CVE-2018-8307 | Microsoft | Unspecified vulnerability in Microsoft products A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 5.3 |
2018-07-11 | CVE-2018-8222 | Microsoft | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 5.3 |
2018-07-10 | CVE-2018-10890 | Moodle | Information Exposure vulnerability in Moodle A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. | 5.3 |
2018-07-10 | CVE-2018-10889 | Moodle | Information Exposure Through Log Files vulnerability in Moodle A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. | 5.3 |
2018-07-09 | CVE-2018-13034 | Jester Project | Path Traversal vulnerability in Jester Project Jester 0.2.0 Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via "..%f" sequences. | 5.3 |
2018-07-13 | CVE-2016-9491 | Zohocorp | Information Exposure vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0 ManageEngine Applications Manager 12 and 13 before build 13690 allows an authenticated user, who is able to access /register.do page (most likely limited to administrator), to browse the filesystem and read the system files, including Applications Manager configuration, stored private keys, etc. | 4.9 |
2018-07-12 | CVE-2018-13999 | Catfish CMS | Cross-site Scripting vulnerability in Catfish-Cms Catfish CMS 4.7.9 Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator). | 4.8 |
2018-07-12 | CVE-2018-13998 | Clippercms | Cross-site Scripting vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users. | 4.8 |
2018-07-11 | CVE-2017-16710 | Crestron | Cross-site Scripting vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.8 |
2018-07-12 | CVE-2018-1334 | Apache | Information Exposure vulnerability in Apache Spark In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. | 4.7 |
2018-07-11 | CVE-2018-8314 | Microsoft | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2, Windows 10. | 4.7 |
2018-07-10 | CVE-2018-13389 | Atlassian | Improper Input Validation vulnerability in Atlassian Confluence The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml. | 4.7 |
2018-07-10 | CVE-2018-3619 | Intel | Information Exposure vulnerability in Intel products Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. | 4.6 |
2018-07-11 | CVE-2016-9604 | Linux | Improper Verification of Cryptographic Signature vulnerability in Linux Kernel It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. | 4.4 |
2018-07-10 | CVE-2018-1116 | Debian Canonical Polkit Project | Missing Authorization vulnerability in multiple products A flaw was found in polkit before version 0.116. | 4.4 |
2018-07-10 | CVE-2018-2440 | SAP | Information Exposure Through Log Files vulnerability in SAP Dynamic Authorization Management 7.7/8.5 Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions 7.7 and 8.5) exposes sensitive information in the application logs. | 4.4 |
2018-07-13 | CVE-2016-6549 | Nutspace | Improper Authentication vulnerability in Nutspace NUT Mobile The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute. | 4.3 |
2018-07-11 | CVE-2018-8325 | Microsoft | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 4.3 |
2018-07-11 | CVE-2018-8324 | Microsoft | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 4.3 |
2018-07-11 | CVE-2018-8297 | Microsoft | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 4.3 |
2018-07-11 | CVE-2018-8289 | Microsoft | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 4.3 |
2018-07-10 | CVE-2018-2434 | SAP | Insufficient Verification of Data Authenticity vulnerability in SAP Netweaver, UI Infra and User Interface Technology A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). | 4.3 |
2018-07-09 | CVE-2018-1548 | IBM | Information Exposure vulnerability in IBM API Connect IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 contains a vulnerability that could allow an authenticated user to obtain sensitive information. | 4.3 |
2018-07-09 | CVE-2018-1000402 | Jenkins | Information Exposure vulnerability in Jenkins AWS Codedeploy Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of environment variables. | 4.3 |
1 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-07-13 | CVE-2016-6542 | Ieasytec | Improper Input Validation vulnerability in Ieasytec Itrackeasy The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. | 3.7 |