Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ethereum vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-26240
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened...
Ethereum Go Ethereum
4
CVSSv2
CVE-2020-26264
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client. This vulnerability only con...
Ethereum Go Ethereum
4.3
CVSSv2
CVE-2022-29177
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 cont...
Ethereum Go Ethereum
5.5
CVSSv2
CVE-2020-26241
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled d...
Ethereum Go Ethereum
1 Github repository
6.8
CVSSv2
CVE-2017-12115
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass.
Ethereum Cpp-ethereum -
5
CVSSv2
CVE-2020-26242
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.18, there is a Denial-of-service (crash) during block processing. This is fixed in 1.9.18.
Ethereum Go Ethereum
3.5
CVSSv2
CVE-2020-26265
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was ...
Ethereum Go Ethereum
5
CVSSv2
CVE-2018-12018
The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) prior to 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows malicious users to launch a Denial of Service attack by sending a p...
Ethereum Go Ethereum
2 Github repositories
6.8
CVSSv2
CVE-2017-12112
An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can...
Ethereum Cpp-ethereum -
6.8
CVSSv2
CVE-2017-12113
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker ca...
Ethereum Cpp-ethereum -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »