CWE-190
Integer Overflow or Wraparound
Description
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-92
CVEs mapped to this weakness (1,551)
page 50 of 78| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-13073 | Hig | 0.49 | 7.5 | 0.01 | Jul 3, 2018 | The mintToken function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-13072 | Hig | 0.49 | 7.5 | 0.01 | Jul 3, 2018 | The mintToken function of a smart contract implementation for Coffeecoin (COFFEE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-13071 | Hig | 0.49 | 7.5 | 0.01 | Jul 3, 2018 | The mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-13070 | Hig | 0.49 | 7.5 | 0.01 | Jul 3, 2018 | The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-13069 | Hig | 0.49 | 7.5 | 0.01 | Jul 3, 2018 | The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-13068 | Hig | 0.49 | 7.5 | 0.01 | Jul 3, 2018 | The mintToken function of a smart contract implementation for AzurionToken (AZU), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-13041 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2018 | The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||
| CVE-2018-12070 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 25, 2018 | The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable… | |
| CVE-2018-12068 | Hig | 0.49 | 7.5 | 0.01 | Jun 25, 2018 | The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable… | ||
| CVE-2018-12067 | Hig | 0.49 | 7.5 | 0.01 | Jun 25, 2018 | The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable… | ||
| CVE-2018-12063 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 25, 2018 | The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a… | |
| CVE-2018-12062 | Hig | 0.49 | 7.5 | 0.01 | Jun 25, 2018 | The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable… | ||
| CVE-2018-11446 | Hig | 0.49 | 7.5 | 0.01 | Jun 25, 2018 | The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable… | ||
| CVE-2018-11239 | Hig | 0.49 | 7.5 | 0.01 | May 19, 2018 | An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as… | ||
| CVE-2018-10973 | Hig | 0.49 | 7.5 | 0.01 | May 10, 2018 | An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters. | ||
| CVE-2018-10706 | Hig | 0.49 | 7.5 | 0.01 | May 10, 2018 | An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue. | ||
| CVE-2018-10376 | Hig | 0.49 | 7.5 | 0.02 | Apr 25, 2018 | An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in… | ||
| CVE-2018-10299 | Hig | 0.49 | 7.5 | 0.03 | Apr 23, 2018 | An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two… | ||
| CVE-2018-1084 | Hig | 0.49 | 7.5 | 0.03 | Apr 12, 2018 | corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. | ||
| CVE-2018-6917 | Hig | 0.49 | 7.5 | 0.02 | Apr 4, 2018 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be… |
- risk 0.49cvss 7.5epss 0.01
The mintToken function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The mintToken function of a smart contract implementation for Coffeecoin (COFFEE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The mintToken function of a smart contract implementation for AzurionToken (AZU), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- risk 0.49cvss 7.5epss 0.01
The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable…
- risk 0.49cvss 7.5epss 0.01
The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable…
- risk 0.49cvss 7.5epss 0.01
The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable…
- risk 0.49cvss 7.5epss 0.01
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a…
- risk 0.49cvss 7.5epss 0.01
The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable…
- risk 0.49cvss 7.5epss 0.01
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable…
- risk 0.49cvss 7.5epss 0.01
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as…
- risk 0.49cvss 7.5epss 0.01
An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.
- risk 0.49cvss 7.5epss 0.01
An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue.
- risk 0.49cvss 7.5epss 0.02
An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in…
- risk 0.49cvss 7.5epss 0.03
An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two…
- risk 0.49cvss 7.5epss 0.03
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
- risk 0.49cvss 7.5epss 0.02
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be…