CWE-190— Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.— MITRE CWE catalog
2,938 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-190page 9 of 59
- CVE-2018-13203HIGHCVSS 7.5EG 7.52018-07-05
The sellBuyerTokens function of a smart contract implementation for SwapToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13204HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13205HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13206HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13207HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13208HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13209HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13210HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a s…
- CVE-2018-13211HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for MyToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13212HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13213HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13214HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13215HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13216HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for GreenMed (GRMD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13217HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for CoinToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13218HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13219HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13220HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13221HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13222HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13223HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13224HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's ass…
- CVE-2018-13225HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13226HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13227HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13228HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13229HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13230HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13231HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13232HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13233HIGHCVSS 7.5EG 7.52018-07-05
The sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
- CVE-2018-13325HIGHCVSS 7.5EG 7.52018-07-05
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.
- CVE-2018-13326HIGHCVSS 7.5EG 7.52018-07-05
The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
- CVE-2018-13327HIGHCVSS 7.5EG 7.52018-07-05
The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
- CVE-2018-13328HIGHCVSS 7.5EG 7.52018-07-05
The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow.
- CVE-2018-13347CRITICALCVSS 9.8EG 9.82018-07-06
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
- CVE-2018-13406HIGHCVSS 7.8EG 7.82018-07-06
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array i…
- CVE-2018-13462HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13463HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13464HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13465HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13466HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13467HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13468HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13469HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13470HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13471HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13472HIGHCVSS 7.5EG 7.52018-07-09
The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13473HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13474HIGHCVSS 7.5EG 7.52018-07-09
The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Map vulnerabilities like CWE-190 to your infrastructure
EchelonGraph correlates every CVE — across CWE-190 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →