VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 44 of 78
  • CVE-2018-13465HigJul 9, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

  • CVE-2018-13464HigJul 9, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

  • CVE-2018-13463HigJul 9, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

  • CVE-2018-13462HigJul 9, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

  • CVE-2018-3577HigJul 6, 2018
    risk 0.49cvss 7.5epss 0.01

    While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-13328HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow.

  • CVE-2018-13327HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.

  • CVE-2018-13326HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.

  • CVE-2018-13325HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.

  • CVE-2018-13233HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13232HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13231HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13230HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13229HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13228HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13227HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13226HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13225HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13224HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.

  • CVE-2018-13223HigJul 5, 2018
    risk 0.49cvss 7.5epss 0.01

    The sell function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.