GHSA-27W2-87XV-37C6 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT

Impact A malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record containing a TaggedSigned with a signature field whose byte length is not exactly 64. When the victim node's DHT verifier calls TaggedSigned::verify, execution reaches...

CVE-2026-5408

CVE-2026-5408 describes an uncontrolled recursion causing a crash in Wireshark’s BT-DHT protocol dissector. Affected versions are Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, with impact listed as denial of service. The connected documents provide the vulnerability name, affected versions, and the exp...

Active Sybil Attack and Efficient Defense Strategy in IPFS DHT

The InterPlanetary File System IPFS is a decentralized peer-to-peer P2P storage that relies on Kademlia, a Distributed Hash Table DHT structure commonly used in P2P systems for its proved scalability. However, DHTs are known to be vulnerable to Sybil attacks, in which a single entity controls...

GO-2024-3218 Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse in github.com/libp2p/go-libp2p-kad-dht

Content Censorship in the InterPlanetary File System IPFS via Kademlia DHT abuse in github.com/libp2p/go-libp2p-kad-dht...

SUSE CVE-2009-3575

Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

dht 安全漏洞

dht is a library that implements the bittorrent DHT protocol in Go by the individual developer Lime. A security vulnerability exists in dht. An attacker could exploit this vulnerability to cause a denial of service on the system...

UBUNTU-CVE-2021-4184

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...

Wireshark 安全漏洞

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.Gryphon dissector is one of the Gryphon protocol parsers. A security vulnerability exists in...

DEBIAN-CVE-2021-44847

A stack-based buffer overflow in handlerequest function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 caused by an improper length calculation during the handling of received network packets allows remote attackers to crash the process or potentially execute arbitrary code via...

UBUNTU-CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

Researchers Show Break in Secure Data Storage System

A team of computer scientists from several universities has devised an attack that is capable of reconstructing the so-called vanishing data objects created by a system called Vanish, which was designed to create secure data objects that would expire after a set time and could never be recreated...