Lucene search
+L

174 matches found

CVE
CVE
added 2022/03/07 9:30 p.m.127 views

CVE-2022-24738

Evmos prior to v2.0.1 is vulnerable to draining unclaimed funds by an attacker who creates a malicious chain that does not enforce signature verification and connects it to a target Evmos instance via IBC, enabling migration of claim records and fund transfer. The issue stems from a vulnerability...

8.1CVSS7.4AI score0.01051EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/03/07 9:30 p.m.28 views

CVE-2022-24738 Account compromise in Evmos

Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmo...

8.1CVSS7.3AI score0.01051EPSS
Exploits0References5
Prion
Prion
added 2021/10/18 9:15 p.m.22 views

Design/Logic Flaw

The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In evm crate 0.31.0, JUMPI opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. This is a...

7.5CVSS9.5AI score0.00995EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.6 views

Vyper 缓冲区错误漏洞

Vyper is the Pythonic smart contract language for EVM. Vyper suffers from a buffer error vulnerability that stems from an incorrect pointer to the top of the stack, which can lead to memory corruption issues...

8.8CVSS8.1AI score0.01039EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2021/08/25 8:55 p.m.3 views

evm (>=0.13.0 <=0.20.0), evm-gasometer (>=0.13.0 <=0.20.0) +2 more potentially affected by unknown CVE via evm-core (>=0.13.1 <=0.20.0)

evm-core CARGO version =0.13.1, =0.13.0, =0.13.0, =0.13.0, =2.0.0, =2.0.1 Source cves: unknown CVE Source advisory: OSV:GHSA-773Q-5334-5GF9...

5.8AI score
Exploits0
NVD
NVD
added 2021/05/12 6:15 p.m.26 views

CVE-2021-29511

evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...

6.5CVSS0.0128EPSS
Exploits0References3
CVE
CVE
added 2021/05/12 5:15 p.m.67 views

CVE-2021-29511

CVE-2021-29511 affects the Rust EVM implementation (evm crate). Before the patch in commit 19ade85, certain memory-opcodes using memory::copy_large could cause memory over-allocation, enabling a denial-of-service. Remediation: upgrade evm to &gt;=0.26.1, or to specific newer releases (0.21.1, 0.2...

6.5CVSS6.4AI score0.0128EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/05/12 12:0 a.m.8 views

PT-2021-18262 · Evm · Evm

Name of the Vulnerable Software and Affected Versions: evm versions prior to 0.21.1 evm versions prior to 0.23.1 evm versions prior to 0.24.1 evm versions prior to 0.25.1 evm versions prior to 0.26.1 Description: The issue is related to the execution of specific EVM opcodes that use evm...

6.5CVSS6.3AI score0.0128EPSS
Exploits0References6
CVE
CVE
added 2020/12/02 5:23 p.m.59 views

CVE-2017-14451

CVE-2017-14451 is an exploitable out-of-bounds read in libevm (CPP‑Ethereum). The root cause, per TALOS/Red Hat/NVD details, is the pow2N function returning exp[_n] without bounds checks, with exp defined as size 6. The _type parameter (0–255) can drive laneCount/laneWidth to values beyond the ar...

10CVSS9.6AI score0.02537EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2020/06/24 12:0 a.m.2 views

Py-EVM Security Vulnerability

Py-EVM is a Python-based implementation of an Ethernet virtual machine. A security vulnerability exists in Py-EVM version 0.2.0-alpha.33. An attacker can exploit the vulnerability to cause a denial of service...

6.8AI score
Exploits0References1
NVD
NVD
added 2018/01/19 11:29 p.m.26 views

CVE-2017-14457

An exploitable information leak/denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker can...

8.2CVSS8AI score0.01709EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/01/19 11:0 p.m.27 views

CVE-2017-14457

An exploitable information leak/denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker can...

8.2CVSS8AI score0.01709EPSS
Exploits1References2
CVE
CVE
added 2018/01/19 11:0 p.m.62 views

CVE-2017-14457

The CVE-2017-14457 issue impacts CPP-Ethereum’s libevm create2 opcode handler. A crafted contract can set an extremely large initSize passed to the bytesConstRef used to compute the create2 hash, enabling an out-of-bounds read that can cause memory disclosure or a denial of service. Talos and CVE...

8.2CVSS7.9AI score0.01709EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2018/01/10 12:0 a.m.64 views

CPP-Ethereum libevm create2 Information Leak Vulnerability(CVE-2017-14457)

Summary An exploitable information leak / denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker ca...

8.1AI score0.01709EPSS
Exploits1
Rows per page
Query Builder