Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ethereum vulnerabilities and exploits
(subscribe to this query)
8.7
CVSSv3
CVE-2020-5232
A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry.
Ens.domains Ethereum Name Service
1 Github repository
6.5
CVSSv3
CVE-2023-38698
Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or re...
Ens.domains Ethereum Name Service
5.3
CVSSv3
CVE-2023-36980
An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold.
Ethereum Blockchain 0.1.1\\+commit.6ff4cd6
5.3
CVSSv3
CVE-2021-39193
Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in `pallet-ethereum` can cause invalid transactions to be included in the Ethereum block state in `pallet-ethereum` due to not validating the input da...
Parity Frontier
NA
CVE-2024-32972
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. before 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth...
7.5
CVSSv3
CVE-2021-25835
Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint wi...
Chainsafe Ethermint
5.5
CVSSv3
CVE-2022-33069
Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at SMTEncoder.cpp.
Soliditylang Solidity 0.8.13
Soliditylang Solidity 0.8.14
7.5
CVSSv3
CVE-2018-17968
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a random value that is predictable by an external contract call. The developer wrote a random() function that uses a block timestamp and block hash from the Ethereum blockchain. This can ...
Ruletkaio Ruletkaio -
7.5
CVSSv3
CVE-2018-13145
The mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow.
Javaswaptest Project Javaswaptest -
7.5
CVSSv3
CVE-2018-13325
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.
Boodskap Growchain -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »