CVE-2018-14085
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-14085
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint public start; function sweep(address _token, uint _amount) returns (bool) { start = 0x123456789; return true;} }. Then, when one calls the function sweep() in the UserWallet contract, it will change the sweeperList to 0X123456789.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
UserWallet 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
UserWallet是一款基于以太坊的数字货币。 UserWallet的智能合同实现中存在安全漏洞。攻击者可利用该漏洞将sweeperList的值更改成0X123456789。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-14085
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-14085
请登录查看更多情报信息。
Same Patch Batch · n/a · 2018-07-16 · 28 CVEs total
| CVE-2018-13981 | Zeta Producer Desktop CMS 安全漏洞 | |
| CVE-2018-13832 | WordPress Techotronic all-in-one-favicon插件跨站脚本漏洞 | |
| CVE-2018-12584 | reSIProcate 安全漏洞 | |
| CVE-2018-14324 | Oracle GlassFish Open Source Edition 安全漏洞 | |
| CVE-2018-0385 | Cisco Firepower System Software检测引擎安全漏洞 | |
| CVE-2018-0384 | Cisco FireSIGHT System Software检测引擎安全漏洞 | |
| CVE-2018-0383 | Cisco FireSIGHT System Software检测引擎安全漏洞 | |
| CVE-2018-0370 | Cisco Firepower System Software检测引擎资源管理错误漏洞 | |
| CVE-2018-0369 | 多款Cisco产品Cisco StarOS 输入验证漏洞 | |
| CVE-2018-0368 | Cisco Digital Network Architecture Center 信息泄露漏洞 | |
| CVE-2018-0366 | Cisco Web Security Appliance 跨站脚本漏洞 | |
| CVE-2018-0361 | ClamAV 安全漏洞 | |
| CVE-2018-0360 | ClamAV 数字错误漏洞 | |
| CVE-2018-0341 | Cisco IP Phone 6800、7800和8800系列命令注入漏洞 | |
| CVE-2018-14325 | MP4v2 数字错误漏洞 | |
| CVE-2018-13980 | Zeta Producer Desktop CMS 路径遍历漏洞 | |
| CVE-2018-11717 | ZOHO ManageEngine Desktop Central 安全漏洞 | |
| CVE-2018-11716 | ZOHO ManageEngine Desktop Central 安全漏洞 | |
| CVE-2014-2079 | X File Explorer 安全漏洞 | |
| CVE-2013-0522 | IBM Notes for Windows 安全漏洞 |
Showing top 20 of 28 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8747
Z-BlogPHP Commend Approval c_system_event.php CheckComment i - CVE-2026-8746
Open5GS NRF nghttp2-server.c discover_handler use after free - CVE-2026-8745
Open5GS AUSF nausf-handler.c ogs_timer_add denial of service - CVE-2026-8744
Open5GS NRF context.c ogs_sbi_nf_service_add denial of servi - CVE-2026-8743
Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id impr
V. Comments for CVE-2018-14085
No comments yet