Writeup Exploits

62,864 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-13220 WRITEUP HIGH
MAVCash - Integer Overflow in Sell Function
The sell function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13221 WRITEUP HIGH
Extreme Coin - Integer Overflow in Sell Function
The sell function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13222 WRITEUP HIGH
ObjectToken - Integer Overflow in Sell Function
The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13223 WRITEUP HIGH
RTokenMain - Integer Overflow in Sell Function
The sell function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13224 WRITEUP HIGH
Virtual Energy Units - Integer Overflow in Sell Function
The sell function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13225 WRITEUP HIGH
MyYLC - Integer Overflow in Sell Function
The sell function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13226 WRITEUP HIGH
YLCToken - Integer Overflow in Sell Function
The sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13227 WRITEUP HIGH
MoneyChainNet - Integer Overflow in Sell Function
The sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13228 WRITEUP HIGH
Crowdnext - Integer Overflow in Sell Function
The sell function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13229 WRITEUP HIGH
RiptideCoin - Integer Overflow in Sell Function
The sell function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13230 WRITEUP HIGH
DestiNeed - Integer Overflow in Sell Function
The sell function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13231 WRITEUP HIGH
EnterToken - Integer Overflow in Sell Function
The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13232 WRITEUP HIGH
EnterCoin - Integer Overflow in Sell Function
The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13233 WRITEUP HIGH
GSI - Integer Overflow in Sell Function
The sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVSS 7.5
CVE-2018-13405 WRITEUP HIGH
Linux Kernel < 3.16 - Privilege Escalation via SGID Directory Inode Initialization
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
CVSS 7.8
CVE-2018-13441 WRITEUP MEDIUM
Nagios < 4.4.1 - Denial of Service via qh_help NULL Pointer Dereference
qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
CVSS 5.5
CVE-2018-13457 WRITEUP MEDIUM
Nagios Core < 4.4.1 - Denial of Service via NULL Pointer Dereference in qh_echo
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
CVSS 5.5
CVE-2018-13458 WRITEUP MEDIUM
Nagios Core < 4.4.1 - Denial of Service via Crafted UNIX Socket Payload
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
CVSS 5.5
CVE-2018-13462 WRITEUP HIGH
MoonToken - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13463 WRITEUP HIGH
T-Swap-Token - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13464 WRITEUP HIGH
t_swap - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13465 WRITEUP HIGH
PaulyCoin - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13466 WRITEUP HIGH
Crystals - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13467 WRITEUP HIGH
EpiphanyCoin - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13468 WRITEUP HIGH
Cavecoin - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5