Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vyperlang vyper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24560
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATAS...
Vyperlang Vyper
NA
CVE-2024-24563
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an `int` as an index for an array. The typecheck...
Vyperlang Vyper
NA
CVE-2023-40015
Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. `unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operat...
Vyperlang Vyper
5
CVSSv2
CVE-2022-29255
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions before 0.3.4 when a calling an external contract with no return value, the contract address (including side effects) could be evaluated twice. This may result in incorrect outcomes for contr...
Vyperlang Vyper
NA
CVE-2024-22419
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't pro...
Vyperlang Vyper
NA
CVE-2024-24561
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and previous versions, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a n...
Vyperlang Vyper
NA
CVE-2022-29175
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue. Notes: Consult https://github.com/vyperlang/vyper/security/advisories/GHSA-42j8-8cjv-j5r9 for more information...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3