56 matches found
CVE-2026-44498
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...
CVE-2024-34478
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
EUVD-2021-1653
Malware in sbrugna...
EUVD-2021-1275
Malware in sbrugna...
EUVD-2021-1427
Malware in sbrugna...
EUVD-2024-2904
Malicious code in bioql PyPI...
SUSE CVE-2020-26241
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...
CVE-2021-39137
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a late...
CVE-2020-26265
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade...
CVE-2024-38365
btcd is an alternative full node bitcoin implementation written in Go golang. The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can...
Lodestar snappy checksum issue
Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Lodestar does not verify checksum in snappy framing uncompressed chunks. Vulnerability Details In Req/Resp protocol the messages are encoded by...
GHSA-53RV-HCVM-RPP9 Lodestar snappy decompression issue
Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Description Lodestar client may fail to decode snappy framing compressed messages. Vulnerability Details In Req/Resp protocol the message are...
Lodestar snappy decompression issue
Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Description Lodestar client may fail to decode snappy framing compressed messages. Vulnerability Details In Req/Resp protocol the message are...
SUSE CVE-2024-38365
btcd is an alternative full node bitcoin implementation written in Go golang. The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can...
GO-2024-3189 Consensus failure in github.com/btcsuite/btcd
The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's 'FindAndDelete' functionality, causing discrepancies in the validation of Bitcoin blocks. This can lead to a chain split accepting an invalid block or Denial of Service DoS attacks rejecting a valid block...
CVE-2024-38365
btcd is an alternative full node bitcoin implementation written in Go golang. The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can...
CVE-2024-38365
CVE-2024-38365 affects btcd (versions 0.10 to 0.24). The issue is a mismatch in Bitcoin Core’s FindAndDelete() versus btcd’s removeOpcodeByData() that can cause btcd to validate blocks differently, risking a chain split (accepting an invalid block) or DoS (rejecting a valid block). The root cause...
CVE-2024-38365 btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
btcd is an alternative full node bitcoin implementation written in Go golang. The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can...
CVE-2024-38365 btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
btcd is an alternative full node bitcoin implementation written in Go golang. The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can...
CVE-2024-38365 btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
btcd is an alternative full node bitcoin implementation written in Go golang. The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can...