Weekly Vulnerabilities Reports > July 9 to 15, 2018

Overview

748 new vulnerabilities reported during this period, including 45 critical vulnerabilities and 93 high severity vulnerabilities. This weekly summary report vulnerabilities in 1400 products from 480 vendors including Microsoft, Apple, Adobe, IBM, and Linux. Vulnerabilities are notably categorized as "Integer Overflow or Wraparound", "Out-of-bounds Read", "Out-of-bounds Write", "Cross-site Scripting", and "Information Exposure".

  • 673 reported vulnerabilities are remotely exploitables.
  • 24 reported vulnerabilities have public exploit available.
  • 94 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 694 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 111 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 23 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

45 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-15 CVE-2018-14060 MI OS Command Injection vulnerability in MI Xiaomi R3D Firmware

OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.

10.0
2018-07-15 CVE-2018-14010 MI OS Command Injection vulnerability in MI products

OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.

10.0
2018-07-13 CVE-2016-9498 Zohocorp Deserialization of Untrusted Data vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0

ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects.

10.0
2018-07-13 CVE-2016-6567 Shdesigns Improper Input Validation vulnerability in Shdesigns Resident Download Manager

SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications.

10.0
2018-07-13 CVE-2016-6563 Dlink Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dlink products

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers.

10.0
2018-07-13 CVE-2016-6554 Synology Credentials Management vulnerability in Synology Ds107 Firmware, Ds116 Firmware and Ds213 Firmware

Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) .

10.0
2018-07-13 CVE-2016-6553 Nuuo Credentials Management vulnerability in Nuuo Nt-4040 Titan Firmware Nt404001.07.0000.00151120

Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111.

10.0
2018-07-13 CVE-2016-6552 Greenpacket Credentials Management vulnerability in Greenpacket Dx-350 Firmware

Green Packet DX-350 uses non-random default credentials of: root:wimax.

10.0
2018-07-13 CVE-2016-6551 Intelliantech Credentials Management vulnerability in Intelliantech products

Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp or intellian:12345678.

10.0
2018-07-12 CVE-2018-14009 Codiad Improper Input Validation vulnerability in Codiad

Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.

10.0
2018-07-11 CVE-2018-0040 Juniper USE of Hard-Coded Credentials vulnerability in Juniper Contrail Service Orchestration

Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services.

10.0
2018-07-11 CVE-2018-0035 Juniper Unspecified vulnerability in Juniper Junos 15.1X53

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition.

10.0
2018-07-11 CVE-2018-10635 Universal Robots Missing Authentication for Critical Function vulnerability in Universal-Robots Cb3.1 Firmware 3.4.5100

In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code.

10.0
2018-07-11 CVE-2018-8327 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.

10.0
2018-07-10 CVE-2018-5553 Crestron OS Command Injection vulnerability in Crestron products

The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access.

10.0
2018-07-09 CVE-2018-5002 Adobe
Apple
Linux
Microsoft
Google
Redhat
Out-Of-Bounds Write vulnerability in multiple products

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability.

10.0
2018-07-09 CVE-2018-4996 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4989 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4988 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4987 Adobe
Apple
Microsoft
Null Pointer Dereference vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference vulnerability.

10.0
2018-07-09 CVE-2018-4984 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

10.0
2018-07-09 CVE-2018-4983 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4978 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

10.0
2018-07-09 CVE-2018-4977 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4968 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

10.0
2018-07-09 CVE-2018-4966 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

10.0
2018-07-09 CVE-2018-4961 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4959 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4958 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

10.0
2018-07-09 CVE-2018-4950 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds write vulnerability.

10.0
2018-07-09 CVE-2018-4948 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

10.0
2018-07-09 CVE-2018-4947 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

10.0
2018-07-09 CVE-2017-3198 Gigabyte Missing Encryption of Sensitive Data vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware.

10.0
2018-07-09 CVE-2017-3197 Gigabyte Improper Input Validation vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features.

10.0
2018-07-09 CVE-2018-11541 Ribboncommunications Missing Authorization vulnerability in Ribboncommunications products

A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows unauthorised access to privileged content via an unspecified vector.

10.0
2018-07-13 CVE-2016-6564 Infinixauthority
Bluproducts
Xolo
Beeline
IKU Mobile
Leagoo
Doogee
Permissions, Privileges, and Access Controls vulnerability in multiple products

Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks.

9.3
2018-07-11 CVE-2018-8312 Microsoft Unspecified vulnerability in Microsoft Access and Office

A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka "Microsoft Access Remote Code Execution Vulnerability." This affects Microsoft Access, Microsoft Office.

9.3
2018-07-11 CVE-2018-8284 Microsoft Code Injection vulnerability in Microsoft products

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

9.3
2018-07-11 CVE-2018-8281 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer.

9.3
2018-07-11 CVE-2018-8238 Microsoft Unspecified vulnerability in Microsoft Lync and Skype for Business

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.

9.3
2018-07-11 CVE-2018-8172 Microsoft Unspecified vulnerability in Microsoft Expression Blend and Visual Studio

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

9.3
2018-07-09 CVE-2018-4858 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in IEC 61850 system configurator (All versions < V5.80), DIGSI 5 (affected as IEC 61850 system configurator is incorporated) (All versions < V7.80), DIGSI 4 (All versions < V4.93), SICAM PAS/PQS (All versions < V8.11), SICAM PQ Analyzer (All versions < V3.11), SICAM SCC (All versions < V9.02 HF3).

9.3
2018-07-13 CVE-2018-1245 EMC Incorrect Authorization vulnerability in EMC RSA Identity Governance and Lifecycle 7.0.1/7.0.2/7.1.0

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM).

9.0
2018-07-11 CVE-2018-8007 Apache Improper Input Validation vulnerability in Apache Couchdb

Apache CouchDB administrative users can configure the database server via HTTP(S).

9.0
2018-07-09 CVE-2018-6831 Foscam OS Command Injection vulnerability in Foscam products

The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a ';' in the ntpServer argument.

9.0

93 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-11 CVE-2018-8308 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

8.5
2018-07-13 CVE-2016-9497 Hughes Improper Authentication vulnerability in Hughes products

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel.

8.3
2018-07-11 CVE-2018-13989 Arcelikas Cross-Site Request Forgery (CSRF) vulnerability in Arcelikas Grundig Smart Inter@Ctive Firmware 3.0

Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device.

8.3
2018-07-10 CVE-2018-3628 Intel Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intel Active Management Technology Firmware

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.

8.3
2018-07-11 CVE-2013-2972 IBM Improper Access Control vulnerability in IBM Websphere Cast Iron Cloud Integration 6.0.0.0/6.1.0.0/6.3.0.0

IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors.

7.8
2018-07-11 CVE-2018-8206 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.8
2018-07-10 CVE-2018-10943 Barco Improper Input Validation vulnerability in Barco products

An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3.

7.8
2018-07-09 CVE-2018-6832 Foscam Out-Of-Bounds Write vulnerability in Foscam products

Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to cause a denial of service (crash and reboot), via the callbackJson parameter.

7.8
2018-07-09 CVE-2017-7471 Qemu Incorrect Permission Assignment FOR Critical Resource vulnerability in Qemu

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue.

7.7
2018-07-11 CVE-2018-8301 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.

7.6
2018-07-11 CVE-2018-8298 Microsoft Type Confusion vulnerability in Microsoft Chakracore

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.

7.6
2018-07-11 CVE-2018-8296 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.6
2018-07-11 CVE-2018-8294 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-07-11 CVE-2018-8291 Microsoft Type Confusion vulnerability in Microsoft Chakracore, Edge and Internet Explorer

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

7.6
2018-07-11 CVE-2018-8290 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-07-11 CVE-2018-8288 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

7.6
2018-07-11 CVE-2018-8287 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

7.6
2018-07-11 CVE-2018-8286 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-07-11 CVE-2018-8283 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.

7.6
2018-07-11 CVE-2018-8280 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-07-11 CVE-2018-8279 Microsoft Type Confusion vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-07-11 CVE-2018-8275 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-07-11 CVE-2018-8274 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.

7.6
2018-07-11 CVE-2018-8262 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.

7.6
2018-07-11 CVE-2018-8242 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-07-11 CVE-2018-8125 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.

7.6
2018-07-15 CVE-2018-14066 Google
Infinixmobility
Lenovo
SQL Injection vulnerability in Google Android 6.0/7.0

The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection.

7.5
2018-07-15 CVE-2018-14065 Phpoffice Project XXE vulnerability in PHPoffice Project Common

XMLReader.php in PHPOffice Common before 0.2.9 allows XXE.

7.5
2018-07-15 CVE-2018-14063 Tracto Integer Overflow OR Wraparound vulnerability in Tracto

The increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow.

7.5
2018-07-13 CVE-2016-9492 Jqueryform Unrestricted Upload of File With Dangerous Type vulnerability in Jqueryform PHP Formmail Generator

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types.

7.5
2018-07-13 CVE-2016-9483 Jqueryform Deserialization of Untrusted Data vulnerability in Jqueryform PHP Formmail Generator

The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmg_filman_download() function.

7.5
2018-07-13 CVE-2016-9482 Jqueryform Improper Authentication vulnerability in Jqueryform PHP Formmail Generator

Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel

7.5
2018-07-13 CVE-2016-6566 Sungardas SQL Injection vulnerability in Sungardas Etrakit3 3.2.1.17

The valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated.

7.5
2018-07-13 CVE-2016-6559 Freebsd Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freebsd

Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory.

7.5
2018-07-13 CVE-2016-6558 Asus Command Injection vulnerability in Asus products

A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter.

7.5
2018-07-13 CVE-2018-8847 Eaton Buffer Errors vulnerability in Eaton 9000X Firmware 2.0.29

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution.

7.5
2018-07-13 CVE-2018-14054 Techsmith Double Free vulnerability in Techsmith Mp4V2 2.0.0

A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0.

7.5
2018-07-13 CVE-2018-14043 Monetra Incorrect Permission Assignment for Critical Resource vulnerability in Monetra Mstdlib 1.2.0

mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations where M_fs_perms_can_access attempts to delete an existing file (that lacks public read/write access) during a copy operation, related to fs/m_fs.c and fs/m_fs_path.c.

7.5
2018-07-12 CVE-2018-14012 Wolfsight SQL Injection vulnerability in Wolfsight CMS 3.2

WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI.

7.5
2018-07-12 CVE-2018-12463 HP XXE vulnerability in HP Fortify Software Security Center 17.1/17.2/18.1

An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

7.5
2018-07-12 CVE-2018-13996 Codeplea Out-Of-Bounds Read vulnerability in Codeplea Genann

Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c.

7.5
2018-07-11 CVE-2018-0041 Juniper USE of Hard-Coded Credentials vulnerability in Juniper Contrail Service Orchestration

Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service.

7.5
2018-07-11 CVE-2018-0039 Juniper USE of Hard-Coded Credentials vulnerability in Juniper Contrail Service Orchestration

Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials.

7.5
2018-07-11 CVE-2018-0038 Juniper USE of Hard-Coded Credentials vulnerability in Juniper Contrail Service Orchestration

Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials.

7.5
2018-07-11 CVE-2018-0037 Juniper Improper Input Validation vulnerability in Juniper Junos 15.1

Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code execution while processing specific BGP NOTIFICATION messages.

7.5
2018-07-11 CVE-2018-10633 Universal Robots USE of Hard-Coded Credentials vulnerability in Universal-Robots Cb3.1 Firmware 3.4.5100

Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller.

7.5
2018-07-11 CVE-2018-10197 ELO SQL Injection vulnerability in ELO Access Manager

There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content.

7.5
2018-07-11 CVE-2018-0500 Haxx
Canonical
Out-Of-Bounds Write vulnerability in multiple products

Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).

7.5
2018-07-11 CVE-2017-7467 Minicom Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Minicom Project Minicom

A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences.

7.5
2018-07-11 CVE-2018-8319 Microsoft Incorrect Calculation vulnerability in Microsoft Research Javascript Cryptography Library 1.4

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

7.5
2018-07-10 CVE-2018-13876 Hdfgroup Out-Of-Bounds Write vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13874 Hdfgroup Out-Of-Bounds Write vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13873 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13872 Hdfgroup Out-Of-Bounds Write vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13871 Hdfgroup Out-Of-Bounds Write vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13870 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13869 Hdfgroup Buffer Errors vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13868 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13867 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13866 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

7.5
2018-07-10 CVE-2018-13850 Icanstudioz SQL Injection vulnerability in Icanstudioz Firebase Push Notification ON IOS / FCM + Advance Admin Panel

The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter.

7.5
2018-07-10 CVE-2018-13846 Axiosys Out-Of-Bounds Read vulnerability in Axiosys Bento4 1.5.1624

An issue has been found in Bento4 1.5.1-624.

7.5
2018-07-10 CVE-2018-13845 Htslib Out-Of-Bounds Read vulnerability in Htslib 1.8

An issue has been found in HTSlib 1.8.

7.5
2018-07-10 CVE-2018-10891 Moodle Unspecified vulnerability in Moodle

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13.

7.5
2018-07-10 CVE-2018-9853 Freesshd Improper Privilege Management vulnerability in Freesshd 1.3.1

Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server.

7.5
2018-07-10 CVE-2018-13818 Symfony Code Injection vulnerability in Symfony Twig

** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter.

7.5
2018-07-10 CVE-2018-13797 Node Macaddress Project OS Command Injection vulnerability in Node-Macaddress Project Node-Macaddress

The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.

7.5
2018-07-09 CVE-2018-13794 Catimg Project Out-Of-Bounds Write vulnerability in Catimg Project Catimg

A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0.

7.5
2018-07-09 CVE-2018-13791 Abbyy Incorrect Permission Assignment FOR Critical Resource vulnerability in Abbyy Flexicapture

The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.

7.5
2018-07-09 CVE-2018-1000618 Eosio Project Uncontrolled Recursion vulnerability in Eosio Project EOS

EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node.

7.5
2018-07-09 CVE-2018-1000616 Onosproject XXE vulnerability in Onosproject Onos

ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml() that can result in An adversary can remotely launch XXE attacks on ONOS controller via an OpenConfig Terminal Device..

7.5
2018-07-09 CVE-2018-1000614 Onosproject XXE vulnerability in Onosproject Onos

ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller without authentication..

7.5
2018-07-09 CVE-2018-1000613 Bouncycastle Unsafe Reflection vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code.

7.5
2018-07-09 CVE-2018-4995 Adobe
Apple
Microsoft
Injection vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an XFA '\n' POST injection vulnerability.

7.5
2018-07-09 CVE-2013-3000 IBM SQL Injection vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7

SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2018-07-09 CVE-2018-11542 Ribboncommunications Unspecified vulnerability in Ribboncommunications products

A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the execution of arbitrary commands via an unspecified vector.

7.5
2018-07-13 CVE-2016-9486 Forescout Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent.

7.2
2018-07-13 CVE-2016-9485 Forescout Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent.

7.2
2018-07-13 CVE-2018-7535 Totalav Incorrect Default Permissions vulnerability in Totalav 4.1.7/4.6.19

An issue was discovered in TotalAV v4.1.7.

7.2
2018-07-11 CVE-2018-0024 Juniper Improper Privilege Management vulnerability in Juniper Junos

An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system.

7.2
2018-07-11 CVE-2018-8313 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

7.2
2018-07-11 CVE-2018-8282 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.2
2018-07-11 CVE-2018-8202 Microsoft Unspecified vulnerability in Microsoft .Net Framework

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

7.2
2018-07-10 CVE-2018-3632 Intel Out-Of-Bounds Write vulnerability in Intel Active Management Technology Firmware

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system.

7.2
2018-07-09 CVE-2018-6857 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0.

7.2
2018-07-09 CVE-2018-6856 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C.

7.2
2018-07-09 CVE-2018-6855 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202014.

7.2
2018-07-09 CVE-2018-6854 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs, e.g., 0x8810200B, 0x8810200F, 0x8810201B, 0x8810201F, 0x8810202B, 0x8810202F, 0x8810203F, 0x8810204B, 0x88102003, 0x88102007, 0x88102013, 0x88102017, 0x88102027, 0x88102033, 0x88102037, 0x88102043, and 0x88102047.

7.2
2018-07-09 CVE-2018-6853 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024.

7.2
2018-07-09 CVE-2018-6852 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298.

7.2
2018-07-09 CVE-2018-6851 Sophos Buffer Errors vulnerability in Sophos products

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040.

7.2
2018-07-09 CVE-2018-13787 Supermicro Unspecified vulnerability in Supermicro products

Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.

7.2
2018-07-11 CVE-2018-8304 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.1

570 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-13 CVE-2018-9070 Lenovo Unspecified vulnerability in Lenovo Smart Assistant

For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device.

6.9
2018-07-11 CVE-2018-11049 EMC Uncontrolled Search Path Element vulnerability in EMC products

RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability.

6.9
2018-07-15 CVE-2018-14068 Srcms Project Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1

An issue was discovered in SRCMS V2.3.1.

6.8
2018-07-13 CVE-2016-9491 Zohocorp Information Exposure vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0

ManageEngine Applications Manager 12 and 13 before build 13690 allows an authenticated user, who is able to access /register.do page (most likely limited to administrator), to browse the filesystem and read the system files, including Applications Manager configuration, stored private keys, etc.

6.8
2018-07-13 CVE-2016-9487 W3 XXE vulnerability in W3 Epubcheck 4.0.1

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation.

6.8
2018-07-13 CVE-2016-6578 Getfilecloud Cross-Site Request Forgery (CSRF) vulnerability in Getfilecloud Filecloud

CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability.

6.8
2018-07-13 CVE-2016-6557 Asus Cross-Site Request Forgery (CSRF) vulnerability in Asus products

In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user.

6.8
2018-07-13 CVE-2018-1000210 Yamldotnet Project Authorization Bypass Through User-Controlled KEY vulnerability in Yamldotnet Project Yamldotnet

YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them.

6.8
2018-07-13 CVE-2018-1000206 Jfrog Cross-Site Request Forgery (CSRF) vulnerability in Jfrog Artifactory

JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user.

6.8
2018-07-13 CVE-2018-10018 Gdata Software Buffer Errors vulnerability in Gdata-Software Total Security 25.4.0.3

The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument.

6.8
2018-07-13 CVE-2018-14046 Exiv2 Out-Of-Bounds Read vulnerability in Exiv2 0.26

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.

6.8
2018-07-13 CVE-2018-14035 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

6.8
2018-07-13 CVE-2018-14034 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

6.8
2018-07-13 CVE-2018-14033 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

6.8
2018-07-13 CVE-2018-14031 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

6.8
2018-07-13 CVE-2018-14029 Creatiwity Cross-Site Request Forgery (CSRF) vulnerability in Creatiwity Witycms 0.6.2

CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

6.8
2018-07-12 CVE-2018-14014 Super CMS Project Cross-Site Request Forgery (CSRF) vulnerability in Super CMS Project Super CMS 20150505

In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.

6.8
2018-07-12 CVE-2018-12540 Eclipse Cross-Site Request Forgery (CSRF) vulnerability in Eclipse Vert.X

In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter.

6.8
2018-07-12 CVE-2018-10895 Qutebrowser Cross-Site Request Forgery (CSRF) vulnerability in Qutebrowser

qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs.

6.8
2018-07-11 CVE-2018-3936 Antennahouse
Linux
Out-Of-Bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1

In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution.

6.8
2018-07-11 CVE-2018-3933 Antennahouse
Linux
Out-Of-Bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1

An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312).

6.8
2018-07-11 CVE-2018-3932 Antennahouse
Linux
Out-Of-Bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1

An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312).

6.8
2018-07-11 CVE-2018-3931 Antennahouse
Linux
Out-Of-Bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1

In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution.

6.8
2018-07-11 CVE-2018-3930 Antennahouse
Linux
Out-Of-Bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1

In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution.

6.8
2018-07-11 CVE-2018-3929 Antennahouse
Linux
Out-Of-Bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1

An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312).

6.8
2018-07-11 CVE-2018-11529 Debian
Videolan
USE After Free vulnerability in multiple products

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files.

6.8
2018-07-11 CVE-2018-8311 Microsoft Improper Input Validation vulnerability in Microsoft Lync and Skype for Business

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.

6.8
2018-07-11 CVE-2018-8307 Microsoft Unspecified vulnerability in Microsoft products

A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

6.8
2018-07-11 CVE-2018-8260 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework 4.7.2

A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.

6.8
2018-07-10 CVE-2018-13875 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

6.8
2018-07-10 CVE-2018-1458 IBM
Linux
Microsoft
Untrusted Search Path vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.

6.8
2018-07-10 CVE-2018-13833 Cmft Project Out-Of-Bounds Write vulnerability in Cmft Project Cmft 20170924

An issue was discovered in cmft through 2017-09-24.

6.8
2018-07-09 CVE-2018-13793 Abbyy Cross-Site Request Forgery (CSRF) vulnerability in Abbyy Flexicapture

Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.

6.8
2018-07-09 CVE-2018-1000622 Rust Lang Uncontrolled Search Path Element vulnerability in Rust-Lang Rust

The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user.

6.8
2018-07-09 CVE-2018-1000621 Mycroft
Linux
Incorrect Permission Assignment FOR Critical Resource vulnerability in Mycroft Mycroft-Core

Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution.

6.8
2018-07-09 CVE-2018-4998 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have a Memory corruption vulnerability.

6.8
2018-07-09 CVE-2018-4997 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe products

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds write vulnerability.

6.8
2018-07-09 CVE-2018-4990 Adobe
Apple
Microsoft
Double Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability.

6.8
2018-07-09 CVE-2018-4982 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability.

6.8
2018-07-09 CVE-2018-4980 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

6.8
2018-07-09 CVE-2018-4974 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

6.8
2018-07-09 CVE-2018-4971 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

6.8
2018-07-09 CVE-2018-4954 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

6.8
2018-07-09 CVE-2018-4953 Adobe
Apple
Microsoft
Incorrect Type Conversion OR Cast vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Type Confusion vulnerability.

6.8
2018-07-09 CVE-2018-4952 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability.

6.8
2018-07-09 CVE-2018-4946 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Photoshop CC

Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability.

6.8
2018-07-09 CVE-2018-4945 Adobe
Apple
Linux
Microsoft
Google
Redhat
Incorrect Type Conversion OR Cast vulnerability in multiple products

Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability.

6.8
2018-07-13 CVE-2018-1000209 Sensu Incorrect Permission Assignment FOR Critical Resource vulnerability in Sensu Core

Sensu, Inc.

6.5
2018-07-13 CVE-2018-1000207 Modx Incorrect Permission Assignment FOR Critical Resource vulnerability in Modx Revolution

MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content.

6.5
2018-07-12 CVE-2018-12980 Wago Unrestricted Upload of File With Dangerous Type vulnerability in Wago products

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02.

6.5
2018-07-11 CVE-2017-16709 Crestron Unspecified vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware

Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors.

6.5
2018-07-11 CVE-2018-8300 Microsoft Improper Input Validation vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka "Microsoft SharePoint Remote Code Execution Vulnerability." This affects Microsoft SharePoint.

6.5
2018-07-10 CVE-2018-2436 SAP Missing Authorization vulnerability in SAP R/3 Enterprise Retail

Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

6.5
2018-07-10 CVE-2018-2427 SAP Code Injection vulnerability in SAP products

SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application.

6.5
2018-07-10 CVE-2018-1331 Apache Unspecified vulnerability in Apache Storm

In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user.

6.5
2018-07-09 CVE-2018-13790 Concretecms Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS 8.2.0

A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.

6.5
2018-07-09 CVE-2018-1000623 Jfrog Path Traversal vulnerability in Jfrog Artifactory

JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint (/ui/artifactimport/upload) that can result in Directory traversal / file overwrite and remote code execution.

6.5
2018-07-09 CVE-2018-1000619 Ovidentia Unrestricted Upload of File With Dangerous Type vulnerability in Ovidentia

Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution.

6.5
2018-07-09 CVE-2018-12977 Softexpert SQL Injection vulnerability in Softexpert Excellence Suite 2.0

A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section.

6.5
2018-07-13 CVE-2018-1000208 Modx Path Traversal vulnerability in Modx Revolution

MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files.

6.4
2018-07-10 CVE-2018-2437 SAP Unspecified vulnerability in SAP Internet Graphics Server

The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification.

6.4
2018-07-09 CVE-2018-6830 Foscam Path Traversal vulnerability in Foscam products

Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to delete arbitrary files via a ..

6.4
2018-07-09 CVE-2018-13784 Prestashop Unspecified vulnerability in Prestashop

PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.

6.4
2018-07-13 CVE-2016-9496 Hughes Missing Authentication FOR Critical Function vulnerability in Hughes products

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication.

6.1
2018-07-11 CVE-2018-0029 Juniper Resource Exhaustion vulnerability in Juniper Junos

While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore).

6.1
2018-07-15 CVE-2018-14069 Srcms Project Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1

An issue was discovered in SRCMS V2.3.1.

6.0
2018-07-13 CVE-2016-6565 Imagely Improper Input Validation vulnerability in Imagely Nextgen Gallery

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration).

6.0
2018-07-13 CVE-2016-9495 Hughes USE of Hard-Coded Credentials vulnerability in Hughes products

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials.

5.8
2018-07-12 CVE-2017-14709 Komoot Improper Certificate Validation vulnerability in Komoot

The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2018-07-11 CVE-2013-0594 IBM Open Redirect vulnerability in IBM Inotes

Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2018-07-11 CVE-2018-8278 Microsoft Authentication Bypass BY Spoofing vulnerability in Microsoft Edge

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.

5.8
2018-07-10 CVE-2018-10887 Libgit2
Debian
Incorrect Conversion Between Numeric Types vulnerability in multiple products

A flaw was found in libgit2 before version 0.27.3.

5.8
2018-07-12 CVE-2018-12979 Wago Incorrect Permission Assignment for Critical Resource vulnerability in Wago products

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02.

5.5
2018-07-10 CVE-2018-10861 Ceph
Redhat
Opensuse
Debian
Improper Authentication vulnerability in multiple products

A flaw was found in the way ceph mon handles user requests.

5.5
2018-07-09 CVE-2018-6967 Vmware
Apple
Out-Of-Bounds Read vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator.

5.5
2018-07-09 CVE-2018-6966 Vmware
Apple
Out-Of-Bounds Read vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator.

5.5
2018-07-09 CVE-2018-6965 Vmware
Apple
Out-Of-Bounds Read vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator.

5.5
2018-07-10 CVE-2018-1128 Redhat
Debian
Opensuse
Improper Authentication vulnerability in multiple products

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack.

5.4
2018-07-11 CVE-2018-8306 Microsoft Command Injection vulnerability in Microsoft Wireless Display Adapter Firmware 2.0.8350/2.0.8365/2.0.8372

A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This affects Microsoft Wireless Display Adapter V2 Software.

5.2
2018-07-15 CVE-2018-14073 Libsixel Project Missing Release of Resource After Effective Lifetime vulnerability in Libsixel Project Libsixel 1.8.1

libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.

5.0
2018-07-15 CVE-2018-14072 Libsixel Project Missing Release of Resource After Effective Lifetime vulnerability in Libsixel Project Libsixel 1.8.1

libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.

5.0
2018-07-15 CVE-2018-14064 Velotismart Project Path Traversal vulnerability in Velotismart Project Velotismart Wifi Firmware B380

The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80.

5.0
2018-07-15 CVE-2018-14056 ZNC
Debian
Path Traversal vulnerability in multiple products

ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories.

5.0
2018-07-13 CVE-2016-9499 Accellion Information Exposure vulnerability in Accellion FTP Server

Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid.

5.0
2018-07-13 CVE-2016-9484 Jqueryform Path Traversal vulnerability in Jqueryform PHP Formmail Generator

The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server.

5.0
2018-07-13 CVE-2016-6548 Nutspace Information Exposure vulnerability in Nutspace NUT Mobile

The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS.

5.0
2018-07-13 CVE-2016-6545 Ieasytec Session Fixation vulnerability in Ieasytec Itrackeasy

Session cookies are not used for maintaining valid sessions in iTrack Easy.

5.0
2018-07-13 CVE-2016-6544 Ieasytec Improper Authentication vulnerability in Ieasytec Itrack Easy

getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps.

5.0
2018-07-13 CVE-2018-1000211 Doorkeeper Project Incorrect Permission Assignment FOR Critical Resource vulnerability in Doorkeeper Project Doorkeeper

Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry.

5.0
2018-07-13 CVE-2018-9067 Lenovo Unspecified vulnerability in Lenovo Help

The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI.

5.0
2018-07-13 CVE-2018-14051 Libwav Project Infinite Loop vulnerability in Libwav Project Libwav

The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop.

5.0
2018-07-13 CVE-2017-1367 IBM Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1

IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters.

5.0
2018-07-13 CVE-2018-14045 Surina Reachable Assertion vulnerability in Surina Soundtouch 2.0.0

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

5.0
2018-07-13 CVE-2018-14044 Surina Reachable Assertion vulnerability in Surina Soundtouch 2.0.0

The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

5.0
2018-07-12 CVE-2018-14006 Ngtoken Project Integer Overflow OR Wraparound vulnerability in Ngtoken Project Ngtoken

An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-14005 Malaysiancoin Project Integer Overflow OR Wraparound vulnerability in Malaysiancoin Project Malaysiancoin

An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-14004 Globecoin Project Integer Overflow OR Wraparound vulnerability in Globecoin Project Globecoin

An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-14003 Wmctoken Project Integer Overflow OR Wraparound vulnerability in Wmctoken Project Wmctoken

An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-14002 MP3 Coin Project Integer Overflow OR Wraparound vulnerability in MP3 Coin Project MP3 Coin

An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-14001 Sharktech Project Integer Overflow OR Wraparound vulnerability in Sharktech Project Sharktech

An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-13836 Rocket Coin Project Integer Overflow OR Wraparound vulnerability in Rocket Coin Project Rocket Coin

An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract.

5.0
2018-07-12 CVE-2018-13997 Codeplea Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Codeplea Genann

Genann through 2018-07-08 has a SEGV in genann_run in genann.c.

5.0
2018-07-11 CVE-2018-0042 Juniper Information Exposure Through LOG Files vulnerability in Juniper Contrail Service Orchestration

Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.

5.0
2018-07-11 CVE-2018-0032 Juniper Improper Input Validation vulnerability in Juniper Junos

The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart.

5.0
2018-07-11 CVE-2018-0030 Juniper Resource Exhaustion vulnerability in Juniper Junos

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart.

5.0
2018-07-11 CVE-2018-0026 Juniper Unspecified vulnerability in Juniper Junos 15.1/15.1X8

After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect.

5.0
2018-07-11 CVE-2013-0589 IBM Information Exposure vulnerability in IBM Inotes

IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message.

5.0
2018-07-11 CVE-2018-8310 Microsoft Unspecified vulnerability in Microsoft Office and Word

A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.

5.0
2018-07-11 CVE-2018-8171 Microsoft Improper Authentication vulnerability in Microsoft products

A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.

5.0
2018-07-10 CVE-2018-13863 Mongodb Unspecified vulnerability in Mongodb Js-Bson

The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js.

5.0
2018-07-10 CVE-2018-2438 SAP Unspecified vulnerability in SAP Internet Graphics Server

The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

5.0
2018-07-10 CVE-2018-2433 SAP Unspecified vulnerability in SAP Kernel

SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

5.0
2018-07-10 CVE-2018-13848 Axiosys Buffer Errors vulnerability in Axiosys Bento4 1.5.1624

An issue has been found in Bento4 1.5.1-624.

5.0
2018-07-10 CVE-2018-13847 Axiosys Buffer Errors vulnerability in Axiosys Bento4 1.5.1624

An issue has been found in Bento4 1.5.1-624.

5.0
2018-07-10 CVE-2018-13844 Htslib Missing Release of Resource After Effective Lifetime vulnerability in Htslib 1.8

An issue has been found in HTSlib 1.8.

5.0
2018-07-10 CVE-2018-13843 Htslib Missing Release of Resource After Effective Lifetime vulnerability in Htslib 1.8

** DISPUTED ** An issue has been found in HTSlib 1.8.

5.0
2018-07-10 CVE-2018-12461 Netiq Improper Certificate Validation vulnerability in Netiq Edirectory 9.1.1

Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.

5.0
2018-07-10 CVE-2018-10890 Moodle Information Exposure vulnerability in Moodle

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13.

5.0
2018-07-10 CVE-2018-10889 Moodle Information Exposure Through LOG Files vulnerability in Moodle

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7.

5.0
2018-07-10 CVE-2018-1337 Apache Information Exposure vulnerability in Apache Directory Ldap API

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request).

5.0
2018-07-10 CVE-2018-12230 Remicoin Project Integer Underflow (Wrap OR Wraparound) vulnerability in Remicoin Project Remicoin

An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks.

5.0
2018-07-10 CVE-2016-10726 Duraspace Path Traversal vulnerability in Duraspace Dspace

The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI.

5.0
2018-07-09 CVE-2018-13795 Creolabs Improper Input Validation vulnerability in Creolabs Gravity

Gravity before 0.5.1 does not support a maximum recursion depth.

5.0
2018-07-09 CVE-2018-1000620 Cryptiles Project Insufficient Entropy vulnerability in Cryptiles Project Cryptiles 4.1.1

Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insufficient Entropy vulnerability in randomDigits() method that can result in An attacker is more likely to be able to brute force something that was supposed to be random..

5.0
2018-07-09 CVE-2018-1000617 Atlassian Improper Input Validation vulnerability in Atlassian Floodlight Controller

Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwarding module allows remote attackers to cause a DoS(thread crash)..

5.0
2018-07-09 CVE-2018-1000615 Onosproject Unspecified vulnerability in Onosproject Onos

ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch..

5.0
2018-07-09 CVE-2018-4993 Adobe
Apple
Microsoft
Information Exposure vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability.

5.0
2018-07-09 CVE-2018-4986 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4985 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4981 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4976 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4975 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4973 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4970 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4969 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4967 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4965 Adobe
Apple
Microsoft
Information Exposure vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Memory Corruption vulnerability.

5.0
2018-07-09 CVE-2018-4964 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4963 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4962 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4960 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4957 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4956 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4955 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-4949 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

5.0
2018-07-09 CVE-2018-13034 Jester Project Path Traversal vulnerability in Jester Project Jester 0.2.0

Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via "..%f" sequences.

5.0
2018-07-09 CVE-2013-3017 IBM Cryptographic Issues vulnerability in IBM Tivoli Application Dependency Discovery Manager

IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers.

5.0
2018-07-09 CVE-2013-3001 IBM Path Traversal vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7

Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2018-07-09 CVE-2018-1000402 Jenkins Information Exposure vulnerability in Jenkins AWS Codedeploy

Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of environment variables.

5.0
2018-07-09 CVE-2018-11543 Ribboncommunications Path Traversal vulnerability in Ribboncommunications products

A Local File Inclusion (LFI) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the downloading of arbitrary files via an unspecified vector.

5.0
2018-07-09 CVE-2018-13783 Jiucaitoken Project Integer Overflow OR Wraparound vulnerability in Jiucaitoken Project Jiucaitoken

The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13782 Entercoin Project Integer Overflow OR Wraparound vulnerability in Entercoin Project Entercoin

The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13781 Myylctoken Project Integer Overflow OR Wraparound vulnerability in Myylctoken Project Myylctoken

The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13780 ESH Project Integer Overflow OR Wraparound vulnerability in ESH Project ESH

The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13779 Ylctoken Project Integer Overflow OR Wraparound vulnerability in Ylctoken Project Ylctoken

The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13778 Cgctoken Project Integer Overflow OR Wraparound vulnerability in Cgctoken Project Cgctoken

The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13777 Rrtoken Project Integer Overflow OR Wraparound vulnerability in Rrtoken Project Rrtoken

The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13776 Appletoken Project Integer Overflow OR Wraparound vulnerability in Appletoken Project Appletoken

The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13775 Rckt Coin Project Integer Overflow OR Wraparound vulnerability in Rckt Coin Project Rckt Coin

The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13774 Bitstarti Project Integer Overflow OR Wraparound vulnerability in Bitstarti Project Bitstarti

The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13773 Netkillertoken Project Integer Overflow OR Wraparound vulnerability in Netkillertoken Project Netkillertoken

The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13772 Theflashtoken Project Integer Overflow OR Wraparound vulnerability in Theflashtoken Project Theflashtoken

The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13771 Exacorecontract Project Integer Overflow OR Wraparound vulnerability in Exacorecontract Project Exacorecontract

The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13770 Ultimatecoin Project Integer Overflow OR Wraparound vulnerability in Ultimatecoin Project Ultimatecoin

The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13769 Jeanstoken Project Integer Overflow OR Wraparound vulnerability in Jeanstoken Project Jeanstoken

The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13768 Ztoken Project Integer Overflow OR Wraparound vulnerability in Ztoken Project Ztoken

The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13767 Cornerstone Project Integer Overflow OR Wraparound vulnerability in Cornerstone Project Cornerstone

The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13766 Easticoin Project Integer Overflow OR Wraparound vulnerability in Easticoin Project Easticoin

The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13765 Landcoin Project Integer Overflow OR Wraparound vulnerability in Landcoin Project Landcoin

The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13764 Biqutoken Project Integer Overflow OR Wraparound vulnerability in Biqutoken Project Biqutoken

The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13763 Ublasti Project Integer Overflow OR Wraparound vulnerability in Ublasti Project Ublasti

The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13762 Yumerium Project Integer Overflow OR Wraparound vulnerability in Yumerium Project Yumerium

The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13761 Netkilleradvancedtokenairdrop Project Integer Overflow OR Wraparound vulnerability in Netkilleradvancedtokenairdrop Project Netkilleradvancedtokenairdrop

The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13760 Moneychainnettoken Project Integer Overflow OR Wraparound vulnerability in Moneychainnettoken Project Moneychainnettoken

The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13759 Bigcadvancedtoken Project Integer Overflow OR Wraparound vulnerability in Bigcadvancedtoken Project Bigcadvancedtoken

The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13758 Lolicoin Project Integer Overflow OR Wraparound vulnerability in Lolicoin Project Lolicoin

The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13757 Coinquer Project Integer Overflow OR Wraparound vulnerability in Coinquer Project Coinquer

The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13756 Cherrycoinfoundation Project Integer Overflow OR Wraparound vulnerability in Cherrycoinfoundation Project Cherrycoinfoundation

The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13755 Otakutoken Project Integer Overflow OR Wraparound vulnerability in Otakutoken Project Otakutoken

The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13754 Cryptosistoken Project Integer Overflow OR Wraparound vulnerability in Cryptosistoken Project Cryptosistoken

The mintToken function of a smart contract implementation for CryptosisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13753 Deweisecurityservicetoken Project Integer Overflow OR Wraparound vulnerability in Deweisecurityservicetoken Project Deweisecurityservicetoken

The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13752 Thread Project Integer Overflow OR Wraparound vulnerability in Thread Project Thread

The mintToken function of a smart contract implementation for Thread, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13751 Justwallet Project Integer Overflow OR Wraparound vulnerability in Justwallet Project Justwallet

The mintToken function of a smart contract implementation for JustWallet, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13750 Richiumtoken Project Integer Overflow OR Wraparound vulnerability in Richiumtoken Project Richiumtoken

The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13749 Finaltoken Project Integer Overflow OR Wraparound vulnerability in Finaltoken Project Finaltoken

The mintToken function of a smart contract implementation for FinalToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13748 Cartoken Project Integer Overflow OR Wraparound vulnerability in Cartoken Project Cartoken

The mintToken function of a smart contract implementation for CarToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13747 Vanminhcoin Project Integer Overflow OR Wraparound vulnerability in Vanminhcoin Project Vanminhcoin

The mintToken function of a smart contract implementation for VanMinhCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13746 Kbit Project Integer Overflow OR Wraparound vulnerability in Kbit Project Kbit

The mintToken function of a smart contract implementation for kBit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13745 Stctoken Project Integer Overflow OR Wraparound vulnerability in Stctoken Project Stctoken

The mintToken function of a smart contract implementation for STCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13744 Crowdnext Project Integer Overflow OR Wraparound vulnerability in Crowdnext Project Crowdnext

The mintToken function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13743 Sectoken Project Integer Overflow OR Wraparound vulnerability in Sectoken Project Sectoken

The mintToken function of a smart contract implementation for SuperEnergy (SEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13742 Tickets Project Integer Overflow OR Wraparound vulnerability in Tickets Project Tickets

The mintToken function of a smart contract implementation for tickets (TKT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13741 Ablgenesistoken Project Integer Overflow OR Wraparound vulnerability in Ablgenesistoken Project Ablgenesistoken

The mintToken function of a smart contract implementation for ABLGenesisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13740 Onechain Project Integer Overflow OR Wraparound vulnerability in Onechain Project Onechain

The mintToken function of a smart contract implementation for OneChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13739 Dopnetwork Project Integer Overflow OR Wraparound vulnerability in Dopnetwork Project Dopnetwork

The mintToken function of a smart contract implementation for dopnetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13738 Pelocointoken Project Integer Overflow OR Wraparound vulnerability in Pelocointoken Project Pelocointoken

The mintToken function of a smart contract implementation for PELOCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13737 Anovabace Project Integer Overflow OR Wraparound vulnerability in Anovabace Project Anovabace

The mintToken function of a smart contract implementation for AnovaBace, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13736 Elearningcoinerc Project Integer Overflow OR Wraparound vulnerability in Elearningcoinerc Project Elearningcoinerc

The mintToken function of a smart contract implementation for ELearningCoinERC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13735 Entertoken Project Integer Overflow OR Wraparound vulnerability in Entertoken Project Entertoken

The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13734 Azttoken Project Integer Overflow OR Wraparound vulnerability in Azttoken Project Azttoken

The mintToken function of a smart contract implementation for AZTToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13733 Projectj Project Integer Overflow OR Wraparound vulnerability in Projectj Project Projectj

The mintToken function of a smart contract implementation for ProjectJ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13732 Riptidecoin Project Integer Overflow OR Wraparound vulnerability in Riptidecoin Project Riptidecoin

The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13731 Tokenmachu Project Integer Overflow OR Wraparound vulnerability in Tokenmachu Project Tokenmachu

The mintToken function of a smart contract implementation for TokenMACHU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13730 HEY Project Integer Overflow OR Wraparound vulnerability in HEY Project HEY

The mintToken function of a smart contract implementation for HEY, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13729 Jpmd100B Project Integer Overflow OR Wraparound vulnerability in Jpmd100B Project Jpmd100B

The mintToken function of a smart contract implementation for JPMD100B, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13728 Jixocoin Project Integer Overflow OR Wraparound vulnerability in Jixocoin Project Jixocoin

The mintToken function of a smart contract implementation for JixoCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13727 Eastcoin Project Integer Overflow OR Wraparound vulnerability in Eastcoin Project Eastcoin

The mintToken function of a smart contract implementation for Eastcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13726 Iseevoicetoken Project Integer Overflow OR Wraparound vulnerability in Iseevoicetoken Project Iseevoicetoken

The mintToken function of a smart contract implementation for ISeeVoiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13725 Globalsupergametoken Project Integer Overflow OR Wraparound vulnerability in Globalsupergametoken Project Globalsupergametoken

The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13724 Hyipcrowdsale1 Project Integer Overflow OR Wraparound vulnerability in Hyipcrowdsale1 Project Hyipcrowdsale1

The mint function of a smart contract implementation for HYIPCrowdsale1, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13723 Servviziotoken Project Integer Overflow OR Wraparound vulnerability in Servviziotoken Project Servviziotoken

The mintToken function of a smart contract implementation for SERVVIZIOToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13722 Hyiptoken Project Integer Overflow OR Wraparound vulnerability in Hyiptoken Project Hyiptoken

The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13721 Gomineworld Project Integer Overflow OR Wraparound vulnerability in Gomineworld Project Gomineworld

The mintToken function of a smart contract implementation for GoMineWorld, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13720 Landcoin Project Integer Overflow OR Wraparound vulnerability in Landcoin Project Landcoin

The mintToken function of a smart contract implementation for Antoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13719 Bitedutoken Project Integer Overflow OR Wraparound vulnerability in Bitedutoken Project Bitedutoken

The mintToken function of a smart contract implementation for BiteduToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13718 Futurxe Integer Overflow OR Wraparound vulnerability in Futurxe

The mintToken function of a smart contract implementation for FuturXe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13717 Hormitechtoken Project Integer Overflow OR Wraparound vulnerability in Hormitechtoken Project Hormitechtoken

The mintToken function of a smart contract implementation for HormitechToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13716 Sexhdsolo Project Integer Overflow OR Wraparound vulnerability in Sexhdsolo Project Sexhdsolo

The mintToken function of a smart contract implementation for sexhdsolo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13715 Bpstoken Project Integer Overflow OR Wraparound vulnerability in Bpstoken Project Bpstoken

The mintToken function of a smart contract implementation for BpsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13714 CM Project Integer Overflow OR Wraparound vulnerability in CM Project CM

The mintToken function of a smart contract implementation for CM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13713 Tradesman Project Integer Overflow OR Wraparound vulnerability in Tradesman Project Tradesman

The mintToken function of a smart contract implementation for Tradesman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13712 Pmet Project Integer Overflow OR Wraparound vulnerability in Pmet Project Pmet

The mintToken function of a smart contract implementation for PMET, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13711 Databits Project Integer Overflow OR Wraparound vulnerability in Databits Project Databits

The mintToken function of a smart contract implementation for Databits, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13710 Mjolnir Project Integer Overflow OR Wraparound vulnerability in Mjolnir Project Mjolnir

The mintToken function of a smart contract implementation for Mjolnir, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13709 Diytubecoin Project Integer Overflow OR Wraparound vulnerability in Diytubecoin Project Diytubecoin

The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13708 Buytoken Project Integer Overflow OR Wraparound vulnerability in Buytoken Project Buytoken

The mintToken function of a smart contract implementation for Order (ETH) (Contract Name: BuyToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13707 YSS Project Integer Overflow OR Wraparound vulnerability in YSS Project YSS

The mintToken function of a smart contract implementation for YSS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13706 Ideacoin Project Integer Overflow OR Wraparound vulnerability in Ideacoin Project Ideacoin

The mintToken function of a smart contract implementation for IdeaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13705 Pmhtoken Project Integer Overflow OR Wraparound vulnerability in Pmhtoken Project Pmhtoken

The mintToken function of a smart contract implementation for PMHToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13704 Eddtoken Project Integer Overflow OR Wraparound vulnerability in Eddtoken Project Eddtoken

The mintToken function of a smart contract implementation for eddToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13703 Cerb Coin Project Integer Overflow OR Wraparound vulnerability in Cerb Coin Project Cerb Coin

The mintToken function of a smart contract implementation for CERB_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13702 Essence Project Integer Overflow OR Wraparound vulnerability in Essence Project Essence

The mintToken function of a smart contract implementation for Essence, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13701 Kissme Project Integer Overflow OR Wraparound vulnerability in Kissme Project Kissme

The mintToken function of a smart contract implementation for KissMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13700 Ipmcoin Project Integer Overflow OR Wraparound vulnerability in Ipmcoin Project Ipmcoin

The mintToken function of a smart contract implementation for IPMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13699 Destineedtoken Project Integer Overflow OR Wraparound vulnerability in Destineedtoken Project Destineedtoken

The mintToken function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13698 Play2Livepromo Project Integer Overflow OR Wraparound vulnerability in Play2Livepromo Project Play2Livepromo

The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13697 Robotbtc Project Integer Overflow OR Wraparound vulnerability in Robotbtc Project Robotbtc

The mintToken function of a smart contract implementation for RobotBTC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13696 Redticket Project Integer Overflow OR Wraparound vulnerability in Redticket Project Redticket

The mintToken function of a smart contract implementation for RedTicket, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13695 Ctest7 Project Integer Overflow OR Wraparound vulnerability in Ctest7 Project Ctest7

The mint function of a smart contract implementation for CTest7, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13694 Gmile Project Integer Overflow OR Wraparound vulnerability in Gmile Project Gmile

The mintToken function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13693 Greenenergytoken Project Integer Overflow OR Wraparound vulnerability in Greenenergytoken Project Greenenergytoken

The mintToken function of a smart contract implementation for GreenEnergyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13692 Mehditazitoken Project Integer Overflow OR Wraparound vulnerability in Mehditazitoken Project Mehditazitoken

The mintToken function of a smart contract implementation for MehdiTAZIToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13691 Rtokenmain Project Integer Overflow OR Wraparound vulnerability in Rtokenmain Project Rtokenmain

The mintToken function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13690 Instacocoa Project Integer Overflow OR Wraparound vulnerability in Instacocoa Project Instacocoa

The mintToken function of a smart contract implementation for Instacocoa, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13689 Cjxtoken Project Integer Overflow OR Wraparound vulnerability in Cjxtoken Project Cjxtoken

The mintToken function of a smart contract implementation for CJXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13688 Malltoken Project Integer Overflow OR Wraparound vulnerability in Malltoken Project Malltoken

The mintToken function of a smart contract implementation for MallToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13687 Normikaivo Project Integer Overflow OR Wraparound vulnerability in Normikaivo Project Normikaivo

The mintToken function of a smart contract implementation for normikaivo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13686 Icodollar Project Integer Overflow OR Wraparound vulnerability in Icodollar Project Icodollar

The mintToken function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13685 Vornoxcointoken Project Integer Overflow OR Wraparound vulnerability in Vornoxcointoken Project Vornoxcointoken

The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13684 ZIP Project Integer Overflow OR Wraparound vulnerability in ZIP Project ZIP

The mintToken function of a smart contract implementation for ZIP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13683 Exsulcoin Project Integer Overflow OR Wraparound vulnerability in Exsulcoin Project Exsulcoin

The mintToken function of a smart contract implementation for exsulcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13682 Vitemoneycoin Project Integer Overflow OR Wraparound vulnerability in Vitemoneycoin Project Vitemoneycoin

The mintToken function of a smart contract implementation for ViteMoneyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13681 Soscoin Project Integer Overflow OR Wraparound vulnerability in Soscoin Project Soscoin

The mintToken function of a smart contract implementation for SOSCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13680 Lexittoken Project Integer Overflow OR Wraparound vulnerability in Lexittoken Project Lexittoken

The mintToken function of a smart contract implementation for LexitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13679 Zpecoin Project Integer Overflow OR Wraparound vulnerability in Zpecoin Project Zpecoin

The mintToken function of a smart contract implementation for ZPEcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13678 Lottery Project Integer Overflow OR Wraparound vulnerability in Lottery Project Lottery

The mintToken function of a smart contract implementation for Lottery, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13677 Goochain Project Integer Overflow OR Wraparound vulnerability in Goochain Project Goochain

The mintToken function of a smart contract implementation for Goochain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13676 Orderbookpresaletoken Project Integer Overflow OR Wraparound vulnerability in Orderbookpresaletoken Project Orderbookpresaletoken

The mintToken function of a smart contract implementation for Orderbook Presale Token (OBP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13675 Yambyo Project Integer Overflow OR Wraparound vulnerability in Yambyo Project Yambyo

The mintToken function of a smart contract implementation for YAMBYO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13674 Combilladvancedtoken Project Integer Overflow OR Wraparound vulnerability in Combilladvancedtoken Project Combilladvancedtoken

The mintToken function of a smart contract implementation for ComBillAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13673 Goldtokenerc20 Project Integer Overflow OR Wraparound vulnerability in Goldtokenerc20 Project Goldtokenerc20

The mintToken function of a smart contract implementation for GoldTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13672 Obtcoin Project Integer Overflow OR Wraparound vulnerability in Obtcoin Project Obtcoin

The mintToken function of a smart contract implementation for OBTCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13671 Dinsteincoin Project Integer Overflow OR Wraparound vulnerability in Dinsteincoin Project Dinsteincoin

The mintToken function of a smart contract implementation for DinsteinCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13670 Gfcoin Integer Overflow OR Wraparound vulnerability in Gfcoin Gfcb

The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13669 NCU Project Integer Overflow OR Wraparound vulnerability in NCU Project NCU

The mintToken function of a smart contract implementation for NCU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13668 Btpcoin Project Integer Overflow OR Wraparound vulnerability in Btpcoin Project Btpcoin

The mintToken function of a smart contract implementation for BTPCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13667 Utbtokentest Project Integer Overflow OR Wraparound vulnerability in Utbtokentest Project Utbtokentest

The mintToken function of a smart contract implementation for UTBTokenTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13666 Eristicaico Project Integer Overflow OR Wraparound vulnerability in Eristicaico Project Eristicaico

The mintToken function of a smart contract implementation for EristicaICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13665 Bcaas Project Integer Overflow OR Wraparound vulnerability in Bcaas Project Bcaas

The mintToken function of a smart contract implementation for BCaaS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13664 CWS Project Integer Overflow OR Wraparound vulnerability in CWS Project CWS

The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13663 Bsctoken Project Integer Overflow OR Wraparound vulnerability in Bsctoken Project Bsctoken

The mintToken function of a smart contract implementation for BSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13662 Worldopctionchain Project Integer Overflow OR Wraparound vulnerability in Worldopctionchain Project Worldopctionchain

The mintToken function of a smart contract implementation for WorldOpctionChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13661 APP Project Integer Overflow OR Wraparound vulnerability in APP Project APP

The mintToken function of a smart contract implementation for APP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13660 Billionrewardstoken Project Integer Overflow OR Wraparound vulnerability in Billionrewardstoken Project Billionrewardstoken

The mint function of a smart contract implementation for BillionRewardsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13659 Briancoin Project Integer Overflow OR Wraparound vulnerability in Briancoin Project Briancoin

The mintToken function of a smart contract implementation for BrianCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13658 Thegodgital Project Integer Overflow OR Wraparound vulnerability in Thegodgital Project Thegodgital

The mintToken function of a smart contract implementation for TheGoDgital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13657 Rice Project Integer Overflow OR Wraparound vulnerability in Rice Project Rice

The mintToken function of a smart contract implementation for Rice, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13656 Cashbackmintable Project Integer Overflow OR Wraparound vulnerability in Cashbackmintable Project Cashbackmintable

The mintToken function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13655 Gfcoin Integer Overflow OR Wraparound vulnerability in Gfcoin Gfcb

The mintToken function of a smart contract implementation for GFC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13654 Ests Integer Overflow OR Wraparound vulnerability in Ests Eststoken

The mintToken function of a smart contract implementation for ESTSToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13653 Ipshoots Project Integer Overflow OR Wraparound vulnerability in Ipshoots Project Ipshoots

The mintToken function of a smart contract implementation for ipshoots, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13652 Thegodigital Project Integer Overflow OR Wraparound vulnerability in Thegodigital Project Thegodigital

The mintToken function of a smart contract implementation for TheGoDigital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13651 Micoinnetworktoken Project Integer Overflow OR Wraparound vulnerability in Micoinnetworktoken Project Micoinnetworktoken

The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13650 Bitmaxertoken Project Integer Overflow OR Wraparound vulnerability in Bitmaxertoken Project Bitmaxertoken

The mintToken function of a smart contract implementation for BitmaxerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13649 Tokitdeployer Project Integer Overflow OR Wraparound vulnerability in Tokitdeployer Project Tokitdeployer

The mintToken function of a smart contract implementation for Deploy, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13648 Bgcgtoken Project Integer Overflow OR Wraparound vulnerability in Bgcgtoken Project Bgcgtoken

The mintToken function of a smart contract implementation for BGC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13647 Truegoldcoin Integer Overflow OR Wraparound vulnerability in Truegoldcoin Truegoldcointoken

The mintToken function of a smart contract implementation for TrueGoldCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13646 Datiac Project Integer Overflow OR Wraparound vulnerability in Datiac Project Datiac

The mintToken function of a smart contract implementation for Datiac, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13645 Fiocoin Project Integer Overflow OR Wraparound vulnerability in Fiocoin Project Fiocoin

The mintToken function of a smart contract implementation for Fiocoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13644 Royalclassiccoin Project Integer Overflow OR Wraparound vulnerability in Royalclassiccoin Project Royalclassiccoin

The mintToken function of a smart contract implementation for RoyalClassicCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13643 Gcrtokenerc20 Project Integer Overflow OR Wraparound vulnerability in Gcrtokenerc20 Project Gcrtokenerc20

The mintToken function of a smart contract implementation for GCRTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13642 Secoin Project Integer Overflow OR Wraparound vulnerability in Secoin Project Secoin

The mintToken function of a smart contract implementation for SECoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13641 Mvgcoin Project Integer Overflow OR Wraparound vulnerability in Mvgcoin Project Mvgcoin

The mintToken function of a smart contract implementation for MVGcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13640 Ethereumsmart Project Integer Overflow OR Wraparound vulnerability in Ethereumsmart Project Ethereumsmart

The mintToken function of a smart contract implementation for EthereumSmart, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13639 VEU Tokenerc20 Project Integer Overflow OR Wraparound vulnerability in VEU Tokenerc20 Project VEU Tokenerc20

The mintToken function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13638 Bitpark Project Integer Overflow OR Wraparound vulnerability in Bitpark Project Bitpark

The mintToken function of a smart contract implementation for Bitpark, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13637 Cikkaa Integer Overflow OR Wraparound vulnerability in Cikkaa Cikkacoin

The mintToken function of a smart contract implementation for CikkaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13636 Turdcoin Project Integer Overflow OR Wraparound vulnerability in Turdcoin Project Turdcoin

The mintToken function of a smart contract implementation for TurdCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13635 Hbcm Project Integer Overflow OR Wraparound vulnerability in Hbcm Project Hbcm

The mintToken function of a smart contract implementation for HBCM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13634 MCT Integer Overflow OR Wraparound vulnerability in MCT Mediacubetoken

The mintToken function of a smart contract implementation for MediaCubeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13633 Martcoin Integer Overflow OR Wraparound vulnerability in Martcoin

The mintToken function of a smart contract implementation for Martcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13632 Nexpara Project Integer Overflow OR Wraparound vulnerability in Nexpara Project Nexpara

The mintToken function of a smart contract implementation for NEXPARA, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13631 DOC Coin Integer Overflow OR Wraparound vulnerability in Doc-Coin Doccoin

The mintToken function of a smart contract implementation for doccoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13630 Doccoinpreico Project Integer Overflow OR Wraparound vulnerability in Doccoinpreico Project Doccoinpreico

The mintToken function of a smart contract implementation for DoccoinPreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13629 Crimsonshilling Project Integer Overflow OR Wraparound vulnerability in Crimsonshilling Project Crimsonshilling

The mintToken function of a smart contract implementation for CrimsonShilling, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13628 Momentumprotocol Integer Overflow OR Wraparound vulnerability in Momentumprotocol Momentumtoken

The mintToken function of a smart contract implementation for MomentumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13627 Myoffer Project Integer Overflow OR Wraparound vulnerability in Myoffer Project Myoffer

The mintToken function of a smart contract implementation for MyOffer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13626 Semaintoken Project Integer Overflow OR Wraparound vulnerability in Semaintoken Project Semaintoken

The mintToken function of a smart contract implementation for SemainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13625 Plutocracy Integer Overflow OR Wraparound vulnerability in Plutocracy Krown

The mintlvlToken function of a smart contract implementation for Krown, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13624 Wxsltoken Project Integer Overflow OR Wraparound vulnerability in Wxsltoken Project Wxsltoken

The mintToken function of a smart contract implementation for WXSLToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13623 Cryptics Integer Overflow OR Wraparound vulnerability in Cryptics Airdroppercryptics

The mintToken function of a smart contract implementation for AirdropperCryptics, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13622 Objectledger Integer Overflow OR Wraparound vulnerability in Objectledger Objecttoken

The mintToken function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13621 Soundtribetoken Project Integer Overflow OR Wraparound vulnerability in Soundtribetoken Project Soundtribetoken

The mintToken function of a smart contract implementation for SoundTribeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13620 Tripcash Project Integer Overflow OR Wraparound vulnerability in Tripcash Project Tripcash

The mintToken function of a smart contract implementation for TripCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13619 Micointoken Project Integer Overflow OR Wraparound vulnerability in Micointoken Project Micointoken

The mintToken function of a smart contract implementation for MicoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13618 Vicetoken ICO IS A Scam Project Integer Overflow OR Wraparound vulnerability in Vicetoken ICO IS A Scam Project Vicetoken ICO IS A Scam

The mintToken function of a smart contract implementation for VICETOKEN_ICO_IS_A_SCAM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13617 Captoz Project Integer Overflow OR Wraparound vulnerability in Captoz Project Captoz

The mintToken function of a smart contract implementation for CAPTOZ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13616 Ioct Coin Project Integer Overflow OR Wraparound vulnerability in Ioct Coin Project Ioct Coin

The mintToken function of a smart contract implementation for IOCT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13615 Mjctoken Project Integer Overflow OR Wraparound vulnerability in Mjctoken Project Mjctoken

The mintToken function of a smart contract implementation for MJCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13614 Mavcash Project Integer Overflow OR Wraparound vulnerability in Mavcash Project Mavcash

The mintToken function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13613 Con0217 Project Integer Overflow OR Wraparound vulnerability in Con0217 Project Con0217

The mintToken function of a smart contract implementation for CON0217, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13612 Robincoin Project Integer Overflow OR Wraparound vulnerability in Robincoin Project Robincoin

The mintToken function of a smart contract implementation for Robincoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13611 Ucoincorp Integer Overflow OR Wraparound vulnerability in Ucoincorp Cdcurrency

The mintToken function of a smart contract implementation for CDcurrency, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13610 Medicayunlink Integer Overflow OR Wraparound vulnerability in Medicayunlink

The mintToken function of a smart contract implementation for MedicayunLink, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13609 CSA Estate Integer Overflow OR Wraparound vulnerability in Csa-Estate Csatoken

The mintToken function of a smart contract implementation for CSAToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13608 Archercoin Project Integer Overflow OR Wraparound vulnerability in Archercoin Project Archercoin

The mintToken function of a smart contract implementation for archercoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13607 Residualshare Project Integer Overflow OR Wraparound vulnerability in Residualshare Project Residualshare

The mintToken function of a smart contract implementation for ResidualShare, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13606 Archain Project Integer Overflow OR Wraparound vulnerability in Archain Project Archain

The mintToken function of a smart contract implementation for ARChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13605 Extremetoken Project Integer Overflow OR Wraparound vulnerability in Extremetoken Project Extremetoken

The mintToken function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13604 Wellieat Project Integer Overflow OR Wraparound vulnerability in Wellieat Project Wellieat

The mintToken function of a smart contract implementation for wellieat, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13603 Briant2Token Project Integer Overflow OR Wraparound vulnerability in Briant2Token Project Briant2Token

The mintToken function of a smart contract implementation for Briant2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13602 Marcelominingtoken Project Integer Overflow OR Wraparound vulnerability in Marcelominingtoken Project Marcelominingtoken

The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13601 Galacticx Project Integer Overflow OR Wraparound vulnerability in Galacticx Project Galacticx

The mintToken function of a smart contract implementation for GalacticX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13600 Amtoken Project Integer Overflow OR Wraparound vulnerability in Amtoken Project Amtoken

The mintToken function of a smart contract implementation for AMToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13599 Residualvalue Project Integer Overflow OR Wraparound vulnerability in Residualvalue Project Residualvalue

The mintToken function of a smart contract implementation for ResidualValue, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13598 Sendme Project Integer Overflow OR Wraparound vulnerability in Sendme Project Sendme

The mintToken function of a smart contract implementation for SendMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13597 Testcoin Project Integer Overflow OR Wraparound vulnerability in Testcoin Project Testcoin

The mintToken function of a smart contract implementation for testcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13596 Testahihi Project Integer Overflow OR Wraparound vulnerability in Testahihi Project Testahihi

The mintToken function of a smart contract implementation for TESTAhihi, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13595 Bitstore Project Integer Overflow OR Wraparound vulnerability in Bitstore Project Bitstore

The mintToken function of a smart contract implementation for BitStore, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13594 Cardfactory Project Integer Overflow OR Wraparound vulnerability in Cardfactory Project Cardfactory

The mintToken function of a smart contract implementation for CardFactory, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13593 Osscardtoken Project Integer Overflow OR Wraparound vulnerability in Osscardtoken Project Osscardtoken

The mintToken function of a smart contract implementation for CardToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13592 Rajtestico Project Integer Overflow OR Wraparound vulnerability in Rajtestico Project Rajtestico

The mintToken function of a smart contract implementation for RajTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13591 Kapcoin Project Integer Overflow OR Wraparound vulnerability in Kapcoin Project Kapcoin

The mintToken function of a smart contract implementation for KAPcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13590 Sipcoin Integer Overflow OR Wraparound vulnerability in Sipcoin

The mintToken function of a smart contract implementation for SIPCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13589 Mooadvtoken Project Integer Overflow OR Wraparound vulnerability in Mooadvtoken Project Mooadvtoken

The mintToken function of a smart contract implementation for MooAdvToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13588 Code47 Integer Overflow OR Wraparound vulnerability in Code47

The mintToken function of a smart contract implementation for Code47 (C47), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13587 Dectoken Project Integer Overflow OR Wraparound vulnerability in Dectoken Project Dectoken

The mintToken function of a smart contract implementation for DECToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13586 Nectarcoin Project Integer Overflow OR Wraparound vulnerability in Nectarcoin Project Nectarcoin

The mintToken function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13585 Cherrycoin Project Integer Overflow OR Wraparound vulnerability in Cherrycoin Project Cherrycoin

The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13584 Yasudem Project Integer Overflow OR Wraparound vulnerability in Yasudem Project Yasudem

The mintToken function of a smart contract implementation for yasudem, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13583 Shmoo Project Integer Overflow OR Wraparound vulnerability in Shmoo Project Shmoo

The mintToken function of a smart contract implementation for Shmoo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13582 My2Token Project Integer Overflow OR Wraparound vulnerability in My2Token Project My2Token

The mintToken function of a smart contract implementation for My2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13581 Travelcoin Integer Overflow OR Wraparound vulnerability in Travelcoins Travelcointoken

The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13580 Providencecasino Project Integer Overflow OR Wraparound vulnerability in Providencecasino Project Providencecasino

The mintToken function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13579 Forevercoin Project Integer Overflow OR Wraparound vulnerability in Forevercoin Project Forevercoin

The mintToken function of a smart contract implementation for ForeverCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13578 Galaxycoin Project Integer Overflow OR Wraparound vulnerability in Galaxycoin Project Galaxycoin

The mintToken function of a smart contract implementation for GalaxyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13577 Advancedshit Project Integer Overflow OR Wraparound vulnerability in Advancedshit Project Advancedshit

The mintToken function of a smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13576 Juntspercreixer Integer Overflow OR Wraparound vulnerability in Juntspercreixer

The mintToken function of a smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13575 Yestoken Project Integer Overflow OR Wraparound vulnerability in Yestoken Project Yestoken

The mintToken function of a smart contract implementation for YESToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13574 Datashieldcoin Project Integer Overflow OR Wraparound vulnerability in Datashieldcoin Project Datashieldcoin

The mintToken function of a smart contract implementation for DataShieldCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13573 Trippay Project Integer Overflow OR Wraparound vulnerability in Trippay Project Trippay

The mintToken function of a smart contract implementation for TripPay, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13572 PGM Coin Project Integer Overflow OR Wraparound vulnerability in PGM Coin Project PGM Coin

The mintToken function of a smart contract implementation for PGM_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13571 Goramcoin Integer Overflow OR Wraparound vulnerability in Goramcoin

The mintToken function of a smart contract implementation for GoramCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13570 Kktestcoin1 Project Integer Overflow OR Wraparound vulnerability in Kktestcoin1 Project Kktestcoin1

The mint function of a smart contract implementation for kkTestCoin1 (KTC1), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13569 Yaofache Integer Overflow OR Wraparound vulnerability in Yaofache Hittoken

The mintToken function of a smart contract implementation for HitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13568 Mktcoin Integer Overflow OR Wraparound vulnerability in Mktcoin

The mintToken function of a smart contract implementation for MktCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13567 Sdr22 Project Integer Overflow OR Wraparound vulnerability in Sdr22 Project Sdr22

The mintToken function of a smart contract implementation for SDR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13566 Retainly Integer Overflow OR Wraparound vulnerability in Retainly Retntoken

The mintToken function of a smart contract implementation for RETNToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13565 Co2Bit Project Integer Overflow OR Wraparound vulnerability in Co2Bit Project Co2Bit

The mintToken function of a smart contract implementation for Co2Bit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13564 Gatcoin Integer Overflow OR Wraparound vulnerability in Gatcoin

The mintToken function of a smart contract implementation for GATcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13563 Upaytoken Project Integer Overflow OR Wraparound vulnerability in Upaytoken Project Upaytoken

The mintToken function of a smart contract implementation for UPayToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13562 Bmvcoin Integer Overflow OR Wraparound vulnerability in Bmvcoin

The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13561 Eth033 Project Integer Overflow OR Wraparound vulnerability in Eth033 Project Eth033

The mintToken function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13560 Kelvintoken Project Integer Overflow OR Wraparound vulnerability in Kelvintoken Project Kelvintoken

The mintToken function of a smart contract implementation for KelvinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13559 Utct Project Integer Overflow OR Wraparound vulnerability in Utct Project Utct

The mintToken function of a smart contract implementation for UTCT, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13558 Rhovit Project Integer Overflow OR Wraparound vulnerability in Rhovit Project Rhovit

The mintToken function of a smart contract implementation for rhovit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13557 Trabet Coin Project Integer Overflow OR Wraparound vulnerability in Trabet Coin Project Trabet Coin

The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13556 Cosmotokenerc20 Project Integer Overflow OR Wraparound vulnerability in Cosmotokenerc20 Project Cosmotokenerc20

The mintToken function of a smart contract implementation for COSMOTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13555 Jaxbox Project Integer Overflow OR Wraparound vulnerability in Jaxbox Project Jaxbox

The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13554 Moneytree Project Integer Overflow OR Wraparound vulnerability in Moneytree Project Moneytree

The mintToken function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13553 Microbtc Project Integer Overflow OR Wraparound vulnerability in Microbtc Project Microbtc

The mintToken function of a smart contract implementation for Micro BTC (MBTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13552 Trabet Coin Preico Project Integer Overflow OR Wraparound vulnerability in Trabet Coin Preico Project Trabet Coin Preico

The mintToken function of a smart contract implementation for Trabet_Coin_PreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13551 Bgamecoin Project Integer Overflow OR Wraparound vulnerability in Bgamecoin Project Bgamecoin

The mintToken function of a smart contract implementation for Bgamecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13550 Coquinhoerc20 Project Integer Overflow OR Wraparound vulnerability in Coquinhoerc20 Project Coquinhoerc20

The mintToken function of a smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13549 Neurotoken Integer Overflow OR Wraparound vulnerability in Neurotoken

The mintToken function of a smart contract implementation for NeuroToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13548 Mimicoin Project Integer Overflow OR Wraparound vulnerability in Mimicoin Project Mimicoin

The mintToken function of a smart contract implementation for Mimicoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13547 PVE Project Integer Overflow OR Wraparound vulnerability in PVE Project PVE

The mintToken function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13546 Ccash Project Integer Overflow OR Wraparound vulnerability in Ccash Project Ccash

The mintToken function of a smart contract implementation for CCASH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13545 Hashshield Project Integer Overflow OR Wraparound vulnerability in Hashshield Project Hashshield

The mintToken function of a smart contract implementation for HashShield, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13544 Numisma Integer Overflow OR Wraparound vulnerability in Numisma

The mintToken function of a smart contract implementation for Numisma, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13543 Gemstonetoken Project Integer Overflow OR Wraparound vulnerability in Gemstonetoken Project Gemstonetoken

The mintToken function of a smart contract implementation for GemstoneToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13542 Zibtoken Integer Overflow OR Wraparound vulnerability in Zibtoken

The mintToken function of a smart contract implementation for ZIBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13541 Cryptoleu Project Integer Overflow OR Wraparound vulnerability in Cryptoleu Project Cryptoleu

The mintToken function of a smart contract implementation for CryptoLeu, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13540 GSI Project Integer Overflow OR Wraparound vulnerability in GSI Project GSI

The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13539 Bcxss Project Integer Overflow OR Wraparound vulnerability in Bcxss Project Bcxss

The mintToken function of a smart contract implementation for Bcxss, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13538 Sipctoken Project Integer Overflow OR Wraparound vulnerability in Sipctoken Project Sipctoken

The mintToken function of a smart contract implementation for SIPCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13537 Ethereumlegit Project Integer Overflow OR Wraparound vulnerability in Ethereumlegit Project Ethereumlegit

The mintToken function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13536 Erc20 ICO Project Integer Overflow OR Wraparound vulnerability in Erc20 ICO Project Erc20 ICO

The mintToken function of a smart contract implementation for ERC20_ICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13535 Paccoin Integer Overflow OR Wraparound vulnerability in Paccoin

The mintToken function of a smart contract implementation for PACCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13534 Speedcashtoken Project Integer Overflow OR Wraparound vulnerability in Speedcashtoken Project Speedcashtoken

The mintToken function of a smart contract implementation for SpeedCashLite (SCSL), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13533 Luxantdigitalbank Integer Overflow OR Wraparound vulnerability in Luxantdigitalbank Alux Digital

The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13532 Mindexcoin Integer Overflow OR Wraparound vulnerability in Mindexcoin

The mintToken function of a smart contract implementation for Mindexcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13531 Maxhouse Project Integer Overflow OR Wraparound vulnerability in Maxhouse Project Maxhouse

The mintToken function of a smart contract implementation for MaxHouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13530 Huntercoin Integer Overflow OR Wraparound vulnerability in Huntercoin

The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13529 Betterthanadrien Project Integer Overflow OR Wraparound vulnerability in Betterthanadrien Project Betterthanadrien

The mintToken function of a smart contract implementation for BetterThanAdrien, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13528 Dhacoin Project Integer Overflow OR Wraparound vulnerability in Dhacoin Project Dhacoin

The mintToken function of a smart contract implementation for DhaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13527 Elevateico Integer Overflow OR Wraparound vulnerability in Elevateico Elevatecoin

The mintToken function of a smart contract implementation for ElevateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13526 Wangwangtoken Project Integer Overflow OR Wraparound vulnerability in Wangwangtoken Project Wangwangtoken

The mintToken function of a smart contract implementation for WangWangToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13525 Flow Project Integer Overflow OR Wraparound vulnerability in Flow Project Flow

The mintToken function of a smart contract implementation for Flow, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13524 Porn Coin Integer Overflow OR Wraparound vulnerability in Porn-Coin Porncoin

The mintToken function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13523 Smartpayment Project Integer Overflow OR Wraparound vulnerability in Smartpayment Project Smartpayment

The mintToken function of a smart contract implementation for SmartPayment, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13522 Exgroup Project Integer Overflow OR Wraparound vulnerability in Exgroup Project Exgroup

The mintToken function of a smart contract implementation for EXGROUP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13521 Pinky Token Project Integer Overflow OR Wraparound vulnerability in Pinky Token Project Pinky Token

The mintToken function of a smart contract implementation for PinkyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13520 Topscoinadvanced Project Integer Overflow OR Wraparound vulnerability in Topscoinadvanced Project Topscoinadvanced

The mintToken function of a smart contract implementation for TopscoinAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13519 Digital Cloud Token Project Integer Overflow OR Wraparound vulnerability in Digital Cloud Token Project Digital Cloud Token

The mint function of a smart contract implementation for DigitalCloudToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13518 Tcash Project Integer Overflow OR Wraparound vulnerability in Tcash Project Tcash

The mintToken function of a smart contract implementation for TCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13517 C3 Token Project Integer Overflow OR Wraparound vulnerability in C3 Token Project C3 Token

The mintToken function of a smart contract implementation for C3 Token (C3), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13516 Supercoolawesomemoney Integer Overflow OR Wraparound vulnerability in Supercoolawesomemoney Super Cool Awesome Money

The mintToken function of a smart contract implementation for Super Cool Awesome Money (SCAM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13515 Aman Project Integer Overflow OR Wraparound vulnerability in Aman Project Aman

The mintToken function of a smart contract implementation for aman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13514 Esportz Project Integer Overflow OR Wraparound vulnerability in Esportz Project Esportz

The mintToken function of a smart contract implementation for esportz, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13513 Ubiou Integer Overflow OR Wraparound vulnerability in Ubiou

The mintToken function of a smart contract implementation for Ubiou, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13512 Smarthomecoin Project Integer Overflow OR Wraparound vulnerability in Smarthomecoin Project Smarthomecoin

The mintToken function of a smart contract implementation for SmartHomeCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13511 Corellicoin Project Integer Overflow OR Wraparound vulnerability in Corellicoin Project Corellicoin

The mintToken function of a smart contract implementation for CorelliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13510 Welfare Token Fund Project Integer Overflow OR Wraparound vulnerability in Welfare Token Fund Project Welfare Token Fund

The mintToken function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13509 Iamrich Project Integer Overflow OR Wraparound vulnerability in Iamrich Project Iamrich

The mintToken function of a smart contract implementation for IamRich, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13508 Vicetoken Integer Overflow OR Wraparound vulnerability in Vicetoken Vittoken

The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13507 Slcadvancedtoken Project Integer Overflow OR Wraparound vulnerability in Slcadvancedtoken Project Slcadvancedtoken

The mintToken function of a smart contract implementation for SLCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13506 Self Drive Rental Project Integer Overflow OR Wraparound vulnerability in Self Drive Rental Project Self Drive Rental

The mintToken function of a smart contract implementation for SDR22, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13505 Ecogreenhouse Project Integer Overflow OR Wraparound vulnerability in Ecogreenhouse Project Ecogreenhouse

The mintToken function of a smart contract implementation for ecogreenhouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13504 Immcoin Integer Overflow OR Wraparound vulnerability in Immcoin

The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13503 South Park Token Token Project Integer Overflow OR Wraparound vulnerability in South Park Token Project South Park Token

The mintToken function of a smart contract implementation for South Park Token Token (SPTKN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13502 Heliumnetwork Project Integer Overflow OR Wraparound vulnerability in Heliumnetwork Project Heliumnetwork

The mintToken function of a smart contract implementation for HeliumNetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13501 Hrwtoken Project Integer Overflow OR Wraparound vulnerability in Hrwtoken Project Hrwtoken

The mintToken function of a smart contract implementation for HRWtoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13500 Missimx Integer Overflow OR Wraparound vulnerability in Missimx Msxadvanced

The mintToken function of a smart contract implementation for MSXAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13499 Pcncoin Integer Overflow OR Wraparound vulnerability in Pcncoin

The mintToken function of a smart contract implementation for Crowdsale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13498 Kapaycoin Project Integer Overflow OR Wraparound vulnerability in Kapaycoin Project Kapaycoin

The mintToken function of a smart contract implementation for KAPAYcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13497 Cobtoken Project Integer Overflow OR Wraparound vulnerability in Cobtoken Project Cobtoken

The mintToken function of a smart contract implementation for COBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13496 Rajtestico Project Integer Overflow OR Wraparound vulnerability in Rajtestico Project Rajtestico

The mintToken function of a smart contract implementation for RajTestICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13495 Kmctoken Project Integer Overflow OR Wraparound vulnerability in Kmctoken Project Kmctoken

The mintToken function of a smart contract implementation for KMCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13494 Susantoken Project Integer Overflow OR Wraparound vulnerability in Susantoken Project Susantoken

The mintToken function of a smart contract implementation for SusanTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13493 Daddytoken Project Integer Overflow OR Wraparound vulnerability in Daddytoken Project Daddytoken

The mintToken function of a smart contract implementation for DaddyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13492 Naga Project Integer Overflow OR Wraparound vulnerability in Naga Project Naga

The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13491 Carrot Cartoon Book Coin Project Integer Overflow OR Wraparound vulnerability in Carrot Cartoon Book Coin Project Carrot Cartoon Book Coin

The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13490 Film Tokens BY Contrib Project Integer Overflow OR Wraparound vulnerability in Film Tokens BY Contrib Project Film Tokens BY Contrib

The mintToken function of a smart contract implementation for FILM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13489 Olliscoin Project Integer Overflow OR Wraparound vulnerability in Olliscoin Project Olliscoin

The mintToken function of a smart contract implementation for OllisCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13488 Crypto Alley Shares Project Integer Overflow OR Wraparound vulnerability in Crypto Alley Shares Project Crypto Alley Shares

The mintToken function of a smart contract implementation for Crypto Alley Shares (CAST), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13487 Plato Project Integer Overflow OR Wraparound vulnerability in Plato Project Plato

The mintToken function of a smart contract implementation for PlatoToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13486 Helpproject Integer Overflow OR Wraparound vulnerability in Helpproject Help

The mintToken function of a smart contract implementation for HELP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13485 Bitcoinagile Project Integer Overflow OR Wraparound vulnerability in Bitcoinagile Project Bitcoinagile

The mintToken function of a smart contract implementation for BitcoinAgileToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13484 CBR Token Project Integer Overflow OR Wraparound vulnerability in CBR Token Project CBR Token

The mintToken function of a smart contract implementation for CBRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13483 Mkethtoken Project Integer Overflow OR Wraparound vulnerability in Mkethtoken Project Mkethtoken

The mintToken function of a smart contract implementation for mkethToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13482 Ethercash Project Integer Overflow OR Wraparound vulnerability in Ethercash Project Ethercash

The mintToken function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13481 Triumland Integer Overflow OR Wraparound vulnerability in Triumland Trium

The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13480 QRG Project Integer Overflow OR Wraparound vulnerability in QRG Project QRG

The mintToken function of a smart contract implementation for QRG, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13479 Slidebitstoken Project Integer Overflow OR Wraparound vulnerability in Slidebitstoken Project Slidebitstoken

The mintToken function of a smart contract implementation for SlidebitsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13478 Airbridge Integer Overflow OR Wraparound vulnerability in Airbridge DMP Token

The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13477 CTE Integer Overflow OR Wraparound vulnerability in CTE Career Trust Ecosystem

The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13476 Philcoin Integer Overflow OR Wraparound vulnerability in Philcoin

The mintToken function of a smart contract implementation for PhilCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13475 Vsctoken Project Integer Overflow OR Wraparound vulnerability in Vsctoken Project Vsctoken

The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13474 Fanschaintoken Project Integer Overflow OR Wraparound vulnerability in Fanschaintoken Project Fanschaintoken

The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13473 Ohni Project Integer Overflow OR Wraparound vulnerability in Ohni Project Ohni

The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13472 Clouttoken Project Integer Overflow OR Wraparound vulnerability in Clouttoken Project Clouttoken

The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13471 Beyondcash Integer Overflow OR Wraparound vulnerability in Beyondcash

The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13470 Buyertoken Project Integer Overflow OR Wraparound vulnerability in Buyertoken Project Buyertoken

The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13469 Icocontract Project Integer Overflow OR Wraparound vulnerability in Icocontract Project Icocontract

The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13468 Cavecoin Project Integer Overflow OR Wraparound vulnerability in Cavecoin Project Cavecoin

The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13467 Epnex Integer Overflow OR Wraparound vulnerability in Epnex Epiphany

The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13466 Crystals Integer Overflow OR Wraparound vulnerability in Crystals

The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13465 Paulycoin Project Integer Overflow OR Wraparound vulnerability in Paulycoin Project Paulycoin

The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13464 T Swap Token Project Integer Overflow OR Wraparound vulnerability in T-Swap-Token Project T-Swap-Token

The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13463 T Swap Token Project Integer Overflow OR Wraparound vulnerability in T-Swap-Token Project T-Swap-Token

The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-09 CVE-2018-13462 Moontoken Project Integer Overflow OR Wraparound vulnerability in Moontoken Project Moontoken

The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-07-13 CVE-2018-10098 Escanav Buffer Errors vulnerability in Escanav Escan Internet Security Suite 14.0.1400.2029

In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).

4.9
2018-07-12 CVE-2018-8024 Apache
Mozilla
Information Exposure vulnerability in multiple products

In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI.

4.9
2018-07-11 CVE-2018-8309 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

4.9
2018-07-10 CVE-2018-10872 Redhat Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat products

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions.

4.9
2018-07-10 CVE-2018-2432 SAP Cross-Site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2/4.3

SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user.

4.9
2018-07-10 CVE-2018-1549 IBM Injection vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks.

4.9
2018-07-10 CVE-2018-3693 Intel
ARM
Oracle
Schneider Electric
Netapp
Redhat
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
4.7
2018-07-13 CVE-2018-10875 Redhat
Debian
Suse
Canonical
Untrusted Search Path vulnerability in multiple products

A flaw was found in ansible.

4.6
2018-07-13 CVE-2017-13097 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement.

4.6
2018-07-13 CVE-2017-13096 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control.

4.6
2018-07-13 CVE-2017-13095 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant.

4.6
2018-07-13 CVE-2017-13094 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP.

4.6
2018-07-13 CVE-2017-13093 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans.

4.6
2018-07-13 CVE-2017-13092 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle.

4.6
2018-07-13 CVE-2017-13091 Cryptographic Issues vulnerability in -

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle.

4.6
2018-07-13 CVE-2018-10631 Medtronic Protection Mechanism Failure vulnerability in Medtronic N'Vision 8840 Firmware and N'Vision 8870 Firmware

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions.

4.6
2018-07-12 CVE-2018-5529 F5
Apple
Linux
Unspecified vulnerability in F5 Big-Ip Access Policy Manager and Big-Ip Edge

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host.

4.6
2018-07-12 CVE-2017-18155 Qualcomm Improper Input Validation vulnerability in Qualcomm products

While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.

4.6
2018-07-11 CVE-2018-8232 Microsoft Improper Input Validation vulnerability in Microsoft Visual Studio 2017 15.7.5/15.8

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka "Microsoft Macro Assembler Tampering Vulnerability." This affects Microsoft Visual Studio.

4.6
2018-07-11 CVE-2018-8222 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-07-10 CVE-2018-3688 Intel Unquoted Search Path OR Element vulnerability in Intel Quartus Prime Programmer and Tools

Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

4.6
2018-07-10 CVE-2018-3687 Intel Unquoted Search Path OR Element vulnerability in Intel Quartus II Programmer and Tools

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.

4.6
2018-07-10 CVE-2018-3684 Intel Unquoted Search Path OR Element vulnerability in Intel Quartus II

Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.

4.6
2018-07-10 CVE-2018-3683 Intel Unquoted Search Path OR Element vulnerability in Intel Quartus Prime

Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

4.6
2018-07-10 CVE-2018-3682 Intel Improper Privilege Management vulnerability in Intel BMC Firmware

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

4.6
2018-07-10 CVE-2018-3668 Intel Unquoted Search Path OR Element vulnerability in Intel Processor Diagnostic Tool 4.1.0.24

Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code.

4.6
2018-07-10 CVE-2018-3667 Intel Insecure Default Initialization of Resource vulnerability in Intel Processor Diagnostic Tool 4.1.0.24

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation.

4.6
2018-07-10 CVE-2018-3652 Intel Information Exposure vulnerability in Intel products

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

4.6
2018-07-10 CVE-2018-3627 Intel
Netapp
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
4.6
2018-07-10 CVE-2018-1566 IBM
Linux
Microsoft
USE of Externally-Controlled Format String vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error.

4.6
2018-07-10 CVE-2018-1492 IBM Session Fixation vulnerability in IBM products

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session.

4.6
2018-07-10 CVE-2018-1487 IBM
Linux
Microsoft
Untrusted Search Path vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library.

4.6
2018-07-13 CVE-2018-6969 Vmware Out-Of-Bounds Read vulnerability in VMWare Tools

VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS.

4.4
2018-07-13 CVE-2016-9500 Accellion Cross-Site Scripting vulnerability in Accellion FTP Server

Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting.

4.3
2018-07-13 CVE-2016-9493 Jqueryform Cross-Site Scripting vulnerability in Jqueryform PHP Formmail Generator

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to stored cross-site scripting.

4.3
2018-07-13 CVE-2016-6543 Ieasytec Improper Access Control vulnerability in Ieasytec Itrack Easy

A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.

4.3
2018-07-13 CVE-2016-6542 Ieasytec Improper Input Validation vulnerability in Ieasytec Itrackeasy

The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device.

4.3
2018-07-13 CVE-2018-1255 EMC Cross-Site Scripting vulnerability in EMC RSA Identity Governance and Lifecycle 7.0.1/7.0.2/7.1.0

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability.

4.3
2018-07-13 CVE-2018-14052 Libwav Project Unspecified vulnerability in Libwav Project Libwav

An issue has been found in libwav through 2017-04-20.

4.3
2018-07-13 CVE-2018-14050 Libwav Project Unspecified vulnerability in Libwav Project Libwav

An issue has been found in libwav through 2017-04-20.

4.3
2018-07-13 CVE-2018-14049 Libwav Project Unspecified vulnerability in Libwav Project Libwav

An issue has been found in libwav through 2017-04-20.

4.3
2018-07-13 CVE-2018-14048 Libpng
Oracle
An issue has been found in libpng 1.6.34.
4.3
2018-07-13 CVE-2018-14047 Pngwriter Project Buffer Errors vulnerability in Pngwriter Project Pngwriter 0.7.0

** DISPUTED ** An issue has been found in PNGwriter 0.7.0.

4.3
2018-07-13 CVE-2017-1395 IBM Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1

IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

4.3
2018-07-13 CVE-2018-14042 Getbootstrap Cross-Site Scripting vulnerability in Getbootstrap Bootstrap

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

4.3
2018-07-13 CVE-2018-14041 Getbootstrap Cross-Site Scripting vulnerability in Getbootstrap Bootstrap 4.0.0/4.1.0/4.1.1

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

4.3
2018-07-13 CVE-2018-14040 Debian
Getbootstrap
Cross-Site Scripting vulnerability in multiple products

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

4.3
2018-07-12 CVE-2018-14017 Radare Out-Of-Bounds Read vulnerability in Radare Radare2 2.7.0

The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_table_attr_new.

4.3
2018-07-12 CVE-2018-14016 Radare Out-Of-Bounds Read vulnerability in Radare Radare2 2.7.0

The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file.

4.3
2018-07-12 CVE-2018-14015 Radare Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Radare Radare2 2.7.0

The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c.

4.3
2018-07-12 CVE-2018-13796 GNU Improper Input Validation vulnerability in GNU Mailman

An issue was discovered in GNU Mailman before 2.1.28.

4.3
2018-07-12 CVE-2018-13458 Nagios Null Pointer Dereference vulnerability in Nagios Core

qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.

4.3
2018-07-12 CVE-2018-13457 Nagios Null Pointer Dereference vulnerability in Nagios Core

qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.

4.3
2018-07-12 CVE-2017-14710 Shein Improper Certificate Validation vulnerability in Shein Shein-Fashion Shopping Online

The Shein Group Ltd.

4.3
2018-07-12 CVE-2017-14612 Shpock Improper Certificate Validation vulnerability in Shpock

"Shpock Boot Sale & Classifieds" app before 3.17.0 -- aka shpock-boot-sale-classifieds/id557153158 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2018-07-11 CVE-2018-11045 Pivotal Software USE of Insufficiently Random Values vulnerability in Pivotal Software Operations Manager

Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image.

4.3
2018-07-11 CVE-2016-0708 Cloudfoundry Information Exposure vulnerability in Cloudfoundry Cf-Release and Java Buildpack

Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details.

4.3
2018-07-11 CVE-2018-0034 Juniper Improper Input Validation vulnerability in Juniper Junos

A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system.

4.3
2018-07-11 CVE-2018-0031 Juniper Resource Exhaustion vulnerability in Juniper Junos

Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter.

4.3
2018-07-11 CVE-2018-0027 Juniper Improper Input Validation vulnerability in Juniper Junos 16.1

Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash.

4.3
2018-07-11 CVE-2018-0025 Juniper Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors.

4.3
2018-07-11 CVE-2018-10232 Topdesk Cross-Site Request Forgery (CSRF) vulnerability in Topdesk 5.7/8.05.001/8.05.016

Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors.

4.3
2018-07-11 CVE-2018-10231 Topdesk Cross-Site Scripting vulnerability in Topdesk

Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

4.3
2018-07-11 CVE-2018-13878 Rocket Chat Cross-Site Scripting vulnerability in Rocket.Chat

An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65.

4.3
2018-07-11 CVE-2018-8325 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-07-11 CVE-2018-8324 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-07-11 CVE-2018-8314 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2, Windows 10.

4.3
2018-07-11 CVE-2018-8305 Microsoft Information Exposure vulnerability in Microsoft Windows Calendar, Windows Mail and Windows People

An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka "Windows Mail Client Information Disclosure Vulnerability." This affects Mail, Calendar, and People in Windows 8.1 App Store.

4.3
2018-07-11 CVE-2018-8297 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-07-11 CVE-2018-8289 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-07-11 CVE-2018-8276 Microsoft Unspecified vulnerability in Microsoft Edge

A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka "Scripting Engine Security Feature Bypass Vulnerability." This affects Microsoft Edge, ChakraCore.

4.3
2018-07-11 CVE-2018-0949 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 10/11/9

A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

4.3
2018-07-10 CVE-2018-13865 Idreamsoft Cross-Site Scripting vulnerability in Idreamsoft Icms 7.0.9

An issue was discovered in idreamsoft iCMS 7.0.9.

4.3
2018-07-10 CVE-2018-12462 Netiq Cross-Site Scripting vulnerability in Netiq Imanager 3.1.1

NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.

4.3
2018-07-10 CVE-2018-2439 SAP Improper Input Validation vulnerability in SAP Internet Graphics Server

The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the request is validated for authenticity and validity) and under certain conditions, will process invalid requests.

4.3
2018-07-10 CVE-2018-2435 SAP Cross-Site Scripting vulnerability in SAP Netweaver Enterprise Portal

SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

4.3
2018-07-10 CVE-2018-2434 SAP Insufficient Verification of Data Authenticity vulnerability in SAP Netweaver, UI Infra and User Interface Technology

A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52).

4.3
2018-07-10 CVE-2018-2431 SAP Cross-Site Scripting vulnerability in SAP Businessobjects Business Intelligence 4.10/4.20

SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

4.3
2018-07-10 CVE-2018-13849 Instagram Clone Project Cross-Site Scripting vulnerability in Instagram-Clone Project Instagram-Clone 20180423

edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.

4.3
2018-07-10 CVE-2018-10888 Libgit2
Debian
Out-Of-Bounds Read vulnerability in multiple products

A flaw was found in libgit2 before version 0.27.3.

4.3
2018-07-10 CVE-2018-13389 Atlassian Improper Input Validation vulnerability in Atlassian Confluence

The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.

4.3
2018-07-09 CVE-2018-11450 Siemens Cross-Site Scripting vulnerability in Siemens Teamcenter Product Lifecycle Management

A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5).

4.3
2018-07-09 CVE-2018-1000611 Openconext Cross-Site Scripting vulnerability in Openconext Engineblock

SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross Site Scripting (XSS) vulnerability that can result in Allows an attacker to inject arbitrary web scripts or HTML into help and login pages.

4.3
2018-07-09 CVE-2018-5001 Adobe
Apple
Linux
Microsoft
Google
Redhat
Out-Of-Bounds Read vulnerability in multiple products

Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability.

4.3
2018-07-09 CVE-2018-5000 Adobe
Apple
Linux
Microsoft
Google
Redhat
Integer Overflow OR Wraparound vulnerability in multiple products

Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability.

4.3
2018-07-09 CVE-2018-4999 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe products

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds read vulnerability.

4.3
2018-07-09 CVE-2018-4979 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Security Bypass vulnerability.

4.3
2018-07-09 CVE-2018-4972 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

4.3
2018-07-09 CVE-2018-4951 Adobe
Apple
Microsoft
Out-Of-Bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability.

4.3
2018-07-09 CVE-2013-2999 IBM Cross-Site Scripting vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-07-09 CVE-2018-13785 Libpng
Canonical
Oracle
Redhat
Divide BY Zero vulnerability in multiple products

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

4.3
2018-07-09 CVE-2018-13256 Chartered Accountant Cross-Site Scripting vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1

PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.

4.3
2018-07-09 CVE-2017-16890 Swftools Divide BY Zero vulnerability in Swftools 0.9.2

SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.

4.3
2018-07-15 CVE-2018-14055 ZNC
Debian
Improper Input Validation vulnerability in multiple products

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

4.0
2018-07-13 CVE-2016-9489 Zohocorp Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0

In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e.

4.0
2018-07-13 CVE-2018-14036 Freedesktop Path Traversal vulnerability in Freedesktop Accountsservice

Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.

4.0
2018-07-10 CVE-2018-1423 IBM Information Exposure vulnerability in IBM products

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system.

4.0
2018-07-09 CVE-2018-1548 IBM Information Exposure vulnerability in IBM API Connect

IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 contains a vulnerability that could allow an authenticated user to obtain sensitive information.

4.0

40 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-10 CVE-2018-1116 Debian
Canonical
Polkit Project
Missing Authorization vulnerability in multiple products

A flaw was found in polkit before version 0.116.

3.6
2018-07-12 CVE-2018-12981 Wago Cross-Site Scripting vulnerability in Wago products

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02.

3.5
2018-07-12 CVE-2018-13999 Catfish CMS Cross-Site Scripting vulnerability in Catfish-Cms Catfish CMS 4.7.9

Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator).

3.5
2018-07-12 CVE-2018-13998 Clippercms Cross-Site Scripting vulnerability in Clippercms 1.3.3

ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users.

3.5
2018-07-11 CVE-2017-16710 Crestron Cross-Site Scripting vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware

Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-07-11 CVE-2013-0592 IBM Cross-Site Scripting vulnerability in IBM Inotes

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-07-11 CVE-2018-13879 Rocket Chat Cross-Site Scripting vulnerability in Rocket.Chat

A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66.

3.5
2018-07-11 CVE-2018-8326 Microsoft Cross-Site Scripting vulnerability in Microsoft web Customizations

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Directory Federation Services XSS Vulnerability." This affects Web Customizations.

3.5
2018-07-11 CVE-2018-8323 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.

3.5
2018-07-11 CVE-2018-8299 Microsoft Cross-Site Scripting vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.

3.5
2018-07-10 CVE-2018-1523 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2018-1396 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2017-1793 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2017-1792 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2017-1791 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2017-1738 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnerability that would allow an authenticated user to obtain elevated privileges.

3.5
2018-07-10 CVE-2017-1729 IBM Cross-Site Scripting vulnerability in IBM Rational Quality Manager

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2018-1521 IBM Cross-Site Scripting vulnerability in IBM Rational Team Concert

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2018-1408 IBM Cross-Site Scripting vulnerability in IBM Rational Team Concert

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2018-1407 IBM Cross-Site Scripting vulnerability in IBM Rational Team Concert

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting.

3.5
2018-07-10 CVE-2018-13388 Atlassian Cross-Site Scripting vulnerability in Atlassian Crucible and Fisheye

The review attachment resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in attached files.

3.5
2018-07-13 CVE-2016-9494 Hughes Improper Input Validation vulnerability in Hughes products

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation.

3.3
2018-07-13 CVE-2016-6549 Nutspace Improper Authentication vulnerability in Nutspace NUT Mobile

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute.

3.3
2018-07-10 CVE-2018-3629 Intel Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intel Active Management Technology Firmware

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet.

3.3
2018-07-10 CVE-2018-1129 Redhat
Ceph
Debian
Opensuse
Improper Authentication vulnerability in multiple products

A flaw was found in the way signature calculation was handled by cephx authentication protocol.

3.3
2018-07-13 CVE-2013-0570 IBM Information Exposure vulnerability in IBM Network Operating System

The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain.

2.9
2018-07-13 CVE-2016-6562 Mitel Improper Certificate Validation vulnerability in Mitel Shortel Mobility Client 9.1.3.109

On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such as login credentials.

2.9
2018-07-13 CVE-2016-6547 Nutspace Information Exposure vulnerability in Nutspace NUT Mobile

The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.

2.1
2018-07-13 CVE-2016-6546 Kkmcn Information Exposure vulnerability in Kkmcn Itrackeasy

The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file.

2.1
2018-07-12 CVE-2018-13441 Nagios Null Pointer Dereference vulnerability in Nagios

qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.

2.1
2018-07-11 CVE-2013-2951 IBM Credentials Management vulnerability in IBM Websphere Portal

IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file.

2.1
2018-07-11 CVE-2016-9604 Linux Improper Verification of Cryptographic Signature vulnerability in Linux Kernel

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring.

2.1
2018-07-11 CVE-2018-8356 Microsoft Improper Certificate Validation vulnerability in Microsoft products

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

2.1
2018-07-10 CVE-2018-3619 Intel Information Exposure vulnerability in Intel products

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access.

2.1
2018-07-10 CVE-2017-5704 Intel Insufficiently Protected Credentials vulnerability in Intel Core I3, Core I5 and Core I7

Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges.

2.1
2018-07-10 CVE-2018-2440 SAP Information Exposure Through LOG Files vulnerability in SAP Dynamic Authorization Management 7.7/8.5

Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions 7.7 and 8.5) exposes sensitive information in the application logs.

2.1
2018-07-09 CVE-2018-1000404 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins AWS Codebuild

Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in Credentials Disclosure.

2.1
2018-07-09 CVE-2018-1000403 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins AWS Codedeploy

Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disclosure.

2.1
2018-07-09 CVE-2018-1000401 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins AWS Codepipeline

Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodePipelineSCM.java that can result in Credentials Disclosure.

2.1
2018-07-12 CVE-2018-1334 Apache Information Exposure vulnerability in Apache Spark

In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application.

1.9