Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ethereum go ethereum - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40591
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version `1.12.1-stabl...
Ethereum Go Ethereum
384
VMScore
CVE-2022-29177
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 cont...
Ethereum Go Ethereum
446
VMScore
CVE-2022-23328
A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node...
Ethereum Go Ethereum -
NA
CVE-2022-37450
Go Ethereum (aka geth) up to and including 1.10.21 allows malicious users to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in t...
Ethereum Go Ethereum
446
VMScore
CVE-2021-39137
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be ...
Ethereum Go Ethereum
2 Github repositories
445
VMScore
CVE-2018-16733
In Go Ethereum (aka geth) prior to 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block.
Ethereum Go Ethereum
446
VMScore
CVE-2018-12018
The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) prior to 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows malicious users to launch a Denial of Service attack by sending a p...
Ethereum Go Ethereum
2 Github repositories
446
VMScore
CVE-2022-23327
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS).
Ethereum Go Ethereum
446
VMScore
CVE-2020-26240
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened...
Ethereum Go Ethereum
490
VMScore
CVE-2020-26241
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled d...
Ethereum Go Ethereum
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »