Vulnerabilities > Ethereum
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-18 | CVE-2023-42319 | Unspecified vulnerability in Ethereum GO Ethereum Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. | 7.5 |
2023-09-11 | CVE-2023-36980 | Unspecified vulnerability in Ethereum Blockchain 0.1.1+Commit.6Ff4Cd6 An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold. | 5.3 |
2023-09-06 | CVE-2023-40591 | Resource Exhaustion vulnerability in Ethereum GO Ethereum go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. | 7.5 |
2022-08-22 | CVE-2022-1930 | Unspecified vulnerability in Ethereum Eth-Account An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encode_structured_data method | 7.5 |
2022-08-05 | CVE-2022-37450 | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022. | 5.9 |
2022-05-20 | CVE-2022-29177 | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum is the official Golang implementation of the Ethereum protocol. | 5.9 |
2022-03-17 | CVE-2021-42219 | Unspecified vulnerability in Ethereum GO Ethereum 1.10.9 Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. | 7.5 |
2022-03-04 | CVE-2022-23327 | Unspecified vulnerability in Ethereum GO Ethereum A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS). | 7.5 |
2022-03-04 | CVE-2022-23328 | Resource Exhaustion vulnerability in Ethereum GO Ethereum A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and then occupy the memory pool to prevent new transactions from entering the pool, resulting in a denial of service (DoS). | 7.5 |
2021-11-18 | CVE-2021-43668 | NULL Pointer Dereference vulnerability in Ethereum GO Ethereum 1.10.9 Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. | 5.5 |