Vulnerabilities > Ethereum > GO Ethereum > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-18 CVE-2023-42319 Unspecified vulnerability in Ethereum GO Ethereum
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query.
network
low complexity
ethereum
7.5
2023-09-06 CVE-2023-40591 Unspecified vulnerability in Ethereum GO Ethereum
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol.
network
low complexity
ethereum
7.5
2022-03-17 CVE-2021-42219 Unspecified vulnerability in Ethereum GO Ethereum 1.10.9
Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node.
network
low complexity
ethereum
7.5
2022-03-04 CVE-2022-23327 Unspecified vulnerability in Ethereum GO Ethereum
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS).
network
low complexity
ethereum
7.5
2022-03-04 CVE-2022-23328 Resource Exhaustion vulnerability in Ethereum GO Ethereum
A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and then occupy the memory pool to prevent new transactions from entering the pool, resulting in a denial of service (DoS).
network
low complexity
ethereum CWE-400
7.5
2021-08-24 CVE-2021-39137 Interpretation Conflict vulnerability in Ethereum GO Ethereum
go-ethereum is the official Go implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-436
7.5
2020-11-25 CVE-2020-26242 Unspecified vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum
7.5
2020-11-25 CVE-2020-26241 Unspecified vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum
7.1
2020-11-25 CVE-2020-26240 Incorrect Calculation vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-682
7.5
2018-12-24 CVE-2018-20421 Allocation of Resources Without Limits or Throttling vulnerability in Ethereum GO Ethereum 1.8.19
Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then writing data to a single memory location with a large index number, as demonstrated by use of "assembly { mstore }" followed by a "c[0xC800000] = 0xFF" assignment.
network
low complexity
ethereum CWE-770
7.5