Exploit Database

146,695 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-13782 WRITEUP HIGH
EnterCoin - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13783 WRITEUP HIGH
JiucaiToken - Integer Overflow in mintToken Function
The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS 7.5
CVE-2018-13797 WRITEUP CRITICAL
node-macaddress < 0.2.9 - OS Command Injection via Unsanitized Input to exec Call
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
CVSS 9.8
CVE-2018-13818 WRITEUP CRITICAL
symfony/twig < 2.4.4 - Server-Side Template Injection via search_key Parameter
Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it
CVSS 9.8
CVE-2018-13836 WRITEUP HIGH
Rocket Coin - Integer Overflow in multiTransfer Function
An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
CVSS 7.5
CVE-2018-13982 WRITEUP HIGH
Smarty < 3.1.33 - Path Traversal via Trusted Resource Directory Bypass
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.
CVSS 7.5
CVE-2018-14002 WRITEUP HIGH
MP3 Coin - Integer Overflow in Distribute Function
An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance.
CVSS 7.5
CVE-2018-14003 WRITEUP HIGH
WeMediaChain - Memory Corruption
An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
CVSS 7.5
CVE-2018-14004 WRITEUP HIGH
GlobeCoin - Integer Overflow in transfer_tokens_after_ICO Function
An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance.
CVSS 7.5
CVE-2018-14005 WRITEUP HIGH
Malaysia coins (Xmc) - Code Injection
An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance.
CVSS 7.5
CVE-2018-14006 WRITEUP HIGH
Neo Genesis Token - Buffer Overflow
An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user's balance.
CVSS 7.5
CVE-2018-14009 WRITEUP CRITICAL
Codiad < 2.8.4 - Remote Code Execution
Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.
CVSS 9.8
CVE-2018-14055 WRITEUP MEDIUM
ZNC <1.7.1-rc1 - Privilege Escalation
ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.
CVSS 6.5
CVE-2018-14071 WRITEUP CRITICAL
Geo Mashup <1.10.4 - Info Disclosure
The Geo Mashup plugin before 1.10.4 for WordPress has insufficient sanitization of post editor and other user input.
CVSS 9.8
CVE-2018-14335 WRITEUP MEDIUM
H2 <1.4.197 - Info Disclosure
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
CVSS 6.5
CVE-2018-14349 WRITEUP CRITICAL
Mutt <1.10.1 - Info Disclosure
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.
CVSS 9.8
CVE-2018-14350 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - Stack-based Buffer Overflow via Long INTERNALDATE Field
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.
CVSS 9.8
CVE-2018-14351 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - Denial of Service via IMAP Status Mailbox Literal Count
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
CVSS 9.8
CVE-2018-14352 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - Stack-based Buffer Overflow in imap_quote_string
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.
CVSS 9.8
CVE-2018-14353 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - Integer Underflow in imap_quote_string
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.
CVSS 9.8
CVE-2018-14354 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - OS Command Injection via IMAP Mailboxes Command
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.
CVSS 9.8
CVE-2018-14355 WRITEUP MEDIUM
Mutt <1.10.1 - Path Traversal
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
CVSS 5.3
CVE-2018-14356 WRITEUP CRITICAL
Mutt <1.10.1 - Info Disclosure
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
CVSS 9.8
CVE-2018-14357 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - Remote Command Execution via IMAP Mailbox Subscription
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
CVSS 9.8
CVE-2018-14358 WRITEUP CRITICAL
Mutt < 1.10.1 and NeoMutt < 20180716 - Stack-based Buffer Overflow via Long RFC822.SIZE FETCH Response
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
CVSS 9.8