Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ethereum vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-14003
An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
Wmctoken Project Wmctoken -
5
CVSSv2
CVE-2018-14004
An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance.
Globecoin Project Globecoin -
4.3
CVSSv2
CVE-2018-10944
The request_dividend function of a smart contract implementation for ROC (aka Rasputin Online Coin), an Ethereum ERC20 token, allows malicious users to steal all of the contract's Ether.
Rasputinonline Rasputin Online Coin -
5
CVSSv2
CVE-2018-13130
Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
Bitotal Bitotal -
5
CVSSv2
CVE-2018-14002
An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance.
Mp3 Coin Project Mp3 Coin -
5
CVSSv2
CVE-2018-14005
An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance.
Malaysiancoin Project Malaysiancoin -
5
CVSSv2
CVE-2018-11429
ATLANT (ATL) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
Atlant Atlant -
5
CVSSv2
CVE-2018-13836
An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
Rocket Coin Project Rocket Coin -
5
CVSSv2
CVE-2018-12959
The approveAndCall function of a smart contract implementation for Aditus (ADI), an Ethereum ERC20 token, allows malicious users to steal assets (e.g., transfer all contract balances into their account).
Aditustoken Project Aditustoken -
5
CVSSv2
CVE-2020-35962
The sellTokenForLRC function in the vault protocol in the smart contract implementation for Loopring (LRC), an Ethereum token, lacks access control for fee swapping and thus allows price manipulation.
Loopring Loopring -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »