Vulnerabilities > Ethereum

DATE CVE VULNERABILITY TITLE RISK
2022-03-17 CVE-2021-42219 Unspecified vulnerability in Ethereum GO Ethereum 1.10.9
Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node.
network
low complexity
ethereum
5.0
2022-03-04 CVE-2022-23327 Unspecified vulnerability in Ethereum GO Ethereum
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS).
network
low complexity
ethereum
5.0
2022-03-04 CVE-2022-23328 Resource Exhaustion vulnerability in Ethereum GO Ethereum
A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and then occupy the memory pool to prevent new transactions from entering the pool, resulting in a denial of service (DoS).
network
low complexity
ethereum CWE-400
5.0
2021-11-18 CVE-2021-43668 NULL Pointer Dereference vulnerability in Ethereum GO Ethereum 1.10.9
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered.
local
low complexity
ethereum CWE-476
2.1
2021-10-26 CVE-2021-41173 Unspecified vulnerability in Ethereum GO Ethereum
Go Ethereum is the official Golang implementation of the Ethereum protocol.
network
ethereum
3.5
2021-08-24 CVE-2021-39137 Interpretation Conflict vulnerability in Ethereum GO Ethereum
go-ethereum is the official Go implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-436
5.0
2021-01-11 CVE-2020-26800 Out-of-bounds Write vulnerability in Ethereum Aleth
A stack overflow vulnerability in Aleth Ethereum C++ client version <= 1.8.0 using a specially crafted a config.json file may result in a denial of service.
network
ethereum CWE-787
4.3
2020-12-11 CVE-2020-26265 Incorrect Calculation vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
ethereum CWE-682
3.5
2020-12-11 CVE-2020-26264 Resource Exhaustion vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-400
4.0
2020-12-02 CVE-2017-14451 Out-of-bounds Read vulnerability in Ethereum
An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum.
network
low complexity
ethereum CWE-125
7.5