Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zcash vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-11636
Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack.
Z.cash Zcash 2.0.5
Z.cash Zcash
1 Github repository
445
VMScore
CVE-2019-16930
Zcashd in Zcash prior to 2.0.7-3 allows discovery of the IP address of a full node that owns a shielded address, related to mishandling of exceptions during deserialization of note plaintexts. This affects anyone who has disclosed their zaddr to a third party.
Z.cash Zcash
445
VMScore
CVE-2019-7167
Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover t...
Z.cash Zcash
445
VMScore
CVE-2017-15300
The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b hangs on incoming TCP connections until some sort of request is made (such as "GET / HTTP/1.1"), which allows for a Denial of Service attack preventing a user from viewing their mining statistics by a...
Ewbf Cuda Zcash Miner 0.3.4b
445
VMScore
CVE-2018-10831
Z-NOMP prior to 2018-04-05 has an incorrect Equihash solution verifier that allows malicious users to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass this verifier for any blockheader. This originally affected (for example) ...
Zclassic Z-nomp
NA
CVE-2019-17048
Zcash PING vulnerability. Affects both Sapling and Sprout addresses, and is caused by the internal wallet code processing new transactions inline with the network code. An attacker could also forward a transaction from another node to the victim and learn the association between ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started