EVM Security Vulnerabilities

CVE-2024-21629

Rust EVM is an Ethereum Virtual Machine interpreter. In rust-evm, a feature called record_external_operation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or...

7.5 CVSS

7.3 AI Score

0.001 EPSS

2024-01-02 10:15 PM

CVE-2022-39354

SputnikVM, also called evm, is a Rust implementation of Ethereum Virtual Machine. A custom stateful precompile can use the is_static parameter to determine if the call is executed in a static context (via STATICCALL), and thus decide if stateful operations should be done. Prior to version 0.36.0,...

7.5 CVSS

7.4 AI Score

0.001 EPSS

2022-10-25 07:15 PM

CVE-2021-41153

The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In evm crate < 0.31.0, JUMPI opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. This is ...

9.8 CVSS

9.5 AI Score

0.002 EPSS

2021-10-18 09:15 PM

CVE-2021-29511

evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evm_core::Memory::copy_large, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...

6.5 CVSS

6.4 AI Score

0.001 EPSS

2021-05-12 06:15 PM

CVE-2013-0186

Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allow remote attackers to inject arbitrary web script or HTML via unspecified...

6.1 CVSS

6 AI Score

0.001 EPSS

2019-11-01 07:15 PM

CVE-2018-18920

Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode call that triggers computation._stack.values with '"stack": [100, 100, 0]' where b'\x' was expected, resulting in an execution failure because of an invalid opcode. This is reportedly related to "smart contracts can be executed...

8.8 CVSS

8.6 AI Score

0.01 EPSS

2018-11-12 02:29 AM

CVE-2011-1104

Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages, (3) add a delivery address, or (4) change a delivery...

8 AI Score

0.001 EPSS

2011-02-28 05:00 PM

CVE-2011-1105

Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a...

6.3 AI Score

0.002 EPSS

2011-02-28 05:00 PM