) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- CPE Product Version: cpe:/a:1000guess:1000_guess:-
There are 1 matching records.
Displaying matches 1 through 1.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-12454 |
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable (which can be read with a getStorageAt call). Therefore, it allows attackers to always win and get rewards. Published: June 17, 2018; 8:29:00 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |