Vulnerabilities > Ethereum

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-39137 Interpretation Conflict vulnerability in Ethereum GO Ethereum
go-ethereum is the official Go implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-436
7.5
7.5
2021-01-11 CVE-2020-26800 Out-of-bounds Write vulnerability in Ethereum Aleth
A stack overflow vulnerability in Aleth Ethereum C++ client version <= 1.8.0 using a specially crafted a config.json file may result in a denial of service.
local
low complexity
ethereum CWE-787
5.5
5.5
2020-12-11 CVE-2020-26265 Incorrect Calculation vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
high complexity
ethereum CWE-682
5.3
5.3
2020-12-11 CVE-2020-26264 Resource Exhaustion vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-400
6.5
6.5
2020-12-02 CVE-2017-14451 Out-of-bounds Read vulnerability in Ethereum
An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum.
network
low complexity
ethereum CWE-125
critical
 10.0
10
2020-11-25 CVE-2020-26242 Unspecified vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum
7.5
7.5
2020-11-25 CVE-2020-26241 Unspecified vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum
7.1
7.1
2020-11-25 CVE-2020-26240 Incorrect Calculation vulnerability in Ethereum GO Ethereum
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.
network
low complexity
ethereum CWE-682
7.5
7.5
2019-06-20 CVE-2018-15890 Deserialization of Untrusted Data vulnerability in Ethereum Ethereumj 1.8.2
An issue was discovered in EthereumJ 1.8.2.
network
low complexity
ethereum CWE-502
critical
 9.8
9.8
2018-12-24 CVE-2018-20421 Allocation of Resources Without Limits or Throttling vulnerability in Ethereum GO Ethereum 1.8.19
Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then writing data to a single memory location with a large index number, as demonstrated by use of "assembly { mstore }" followed by a "c[0xC800000] = 0xFF" assignment.
network
low complexity
ethereum CWE-770
7.5
7.5