Vulnerabilities > Ethereum > GO Ethereum > 0.9.26
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-18 | CVE-2023-42319 | Unspecified vulnerability in Ethereum GO Ethereum Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. | 7.5 |
| 2022-08-05 | CVE-2022-37450 | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022. | 5.9 |
| 2022-05-20 | CVE-2022-29177 | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum is the official Golang implementation of the Ethereum protocol. | 5.9 |
| 2022-03-04 | CVE-2022-23327 | Unspecified vulnerability in Ethereum GO Ethereum A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS). | 7.5 |
| 2020-12-11 | CVE-2020-26264 | Resource Exhaustion vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 6.5 |
| 2020-11-25 | CVE-2020-26242 | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 7.5 |
| 2020-11-25 | CVE-2020-26241 | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 7.1 |
| 2020-11-25 | CVE-2020-26240 | Incorrect Calculation vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 7.5 |
| 2018-09-08 | CVE-2018-16733 | Improper Input Validation vulnerability in Ethereum GO Ethereum In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block. | 7.5 |
| 2018-07-05 | CVE-2018-12018 | Improper Validation of Array Index vulnerability in Ethereum GO Ethereum The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. | 7.5 |