Parallax is vulnerable to DoS via malicious p2p message

Impact A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. In order to carry out the attack, the attacker establishes a peer connections to the victim, and sends a malicious GetBlockHeadersRequest message...

PT-2024-25019 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: go-ethereum geth versions prior to 1.13.15 Description: A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node, potentially resulting in a denial of servic...

CVE-2020-8806

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

Design/Logic Flaw

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

GNU LibreDWG Zero Pointer Vulnerability

GNU LibreDWG is a C language library developed by the GNU Project for working with DWG files. A security vulnerability exists in the 'dwgobjblockcontrolgetblockheaders' function in the dwgapi.c file in GNU LibreDWG version 0.5.1048. A remote attacker can exploit this vulnerability to cause a deni...

Input validation

DISPUTED The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt...

CVE-2017-9230

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. Th...

PT-2017-18795 · Bitcoin · Bitcoind

Name of the Vulnerable Software and Affected Versions: Bitcoin affected versions not specified Description: The Bitcoin Proof-of-Work algorithm has an issue related to 80-byte block headers with varying initial 64-byte chunks followed by the same 16-byte chunk, and multiple candidate root values...

Apache apr_brigade_flatten() block header parsing vulnerability

Apache is an open source HTTPD service program. A security vulnerability exists in Apache aprbrigadeflatten parsing block headers due to the program failing to properly parse data block headers. A remote attacker exploiting this vulnerability could perform an attack by sending a specially crafted...