18 matches found
AZL-69967 CVE-2025-64436 affecting package kubevirt 0.59.0-38
KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...
EUVD-2022-1547
Malicious code in bioql PyPI...
EUVD-2023-2566
Malicious code in bioql PyPI...
CVE-2022-23328
A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and th...
CVE-2022-23327
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service DoS...
CVE-2024-32972
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15...
Resource Exhaustion
go-ethereum geth is vulnerable to a Resource Exhaustion. The vulnerability is due to a lack of proper handling of specially crafted p2p messages sent from an attacker node, causing vulnerable nodes to consume excessive amounts of memory...
Ethereum Go-ethereum 安全漏洞
Ethereum Go-ethereum is a codebase from the Ethereum community that implements the Ethereum protocol in the Go language. A security vulnerability exists in Ethereum Go-ethereum versions prior to 1.13.15, which stems from a vulnerable node that may consume a large amount of memory when processing...
CVE-2023-40591 Denial of service via malicious p2p message in go-ethereum
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version 1.12.1-stable, i.e,...
CVE-2023-40591 Denial of service via malicious p2p message in go-ethereum
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version 1.12.1-stable, i.e,...
CVE-2022-29177 DoS via malicious p2p message in Go-Ethereum
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that...
CVE-2022-29177 DoS via malicious p2p message in Go-Ethereum
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that...
PT-2022-19431 · Unknown · Go-Ethereum
Name of the Vulnerable Software and Affected Versions: Go Ethereum versions prior to 1.10.17 Description: A vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Recommendations: For versions pri...
GHSA-PVX3-GM3C-GMPR Denial of Service in Go-Ethereum
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service DoS...
Denial of Service in Go-Ethereum
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service DoS...
Denial of Service in Go-Ethereum
A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and th...
GHSA-VMF7-HMH6-VV57 Denial of Service in Go-Ethereum
A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and th...
Design/Logic Flaw
A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service DoS...