Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ethereum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38698
Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or re...
Ens.domains Ethereum Name Service
5
CVSSv2
CVE-2018-10468
The transferFrom function of a smart contract implementation for Useless Ethereum Token (UET), an Ethereum ERC20 token, allows malicious users to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrec...
Uetoken Useless Ethereum Token -
NA
CVE-2023-36980
An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold.
Ethereum Blockchain 0.1.1\\+commit.6ff4cd6
5
CVSSv2
CVE-2021-39193
Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in `pallet-ethereum` can cause invalid transactions to be included in the Ethereum block state in `pallet-ethereum` due to not validating the input da...
Parity Frontier
5
CVSSv2
CVE-2021-25835
Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint wi...
Chainsafe Ethermint
4.3
CVSSv2
CVE-2022-33069
Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at SMTEncoder.cpp.
Soliditylang Solidity 0.8.13
Soliditylang Solidity 0.8.14
5
CVSSv2
CVE-2018-17968
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a random value that is predictable by an external contract call. The developer wrote a random() function that uses a block timestamp and block hash from the Ethereum blockchain. This can ...
Ruletkaio Ruletkaio -
5
CVSSv2
CVE-2018-13145
The mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow.
Javaswaptest Project Javaswaptest -
5
CVSSv2
CVE-2018-13325
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.
Boodskap Growchain -
7.5
CVSSv2
CVE-2018-14063
The increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow.
Tracto Tracto -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »