Lucene search
K

18 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 7:31 p.m.5 views

Malicious code in eslint-plugin-ethereumjs (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/10/23 7:31 p.m.1 views

MAL-2025-48840 Malicious code in eslint-plugin-ethereumjs (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/19 3:49 a.m.3 views

Malicious code in shanye-ethereumjs-utill (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f814c33a73ebb5b7666c8992f190fa3bc72c80a9580f40c2d73fed35b14e0348 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/03/19 3:49 a.m.1 views

MAL-2025-2557 Malicious code in shanye-ethereumjs-utill (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f814c33a73ebb5b7666c8992f190fa3bc72c80a9580f40c2d73fed35b14e0348 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/09/11 7:52 a.m.2 views

Malicious code in @huoshanjiebai/ethereumjs-utill (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a36fccca657e26ff9ded801631d537ad159e26045c0be4de99b31d351e20d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/09/11 7:52 a.m.8 views

MAL-2023-8067 Malicious code in @huoshanjiebai/ethereumjs-utill (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a36fccca657e26ff9ded801631d537ad159e26045c0be4de99b31d351e20d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:18 p.m.2 views

Malicious code in ethereumjs-utils-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a448dcf4eb2492d9c83dbfdf881973de080023a4e269bd314dd6ae113ad159 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Veracode
Veracode
added 2019/07/10 4:47 a.m.18 views

Denial Of Service (DoS)

ethereumjs-vm is vulnerabel to denial of service. An attacker is able to crash the application via a malicious code Buffer.frommycode, 'hex' attribute...

7.5CVSS7.1AI score0.03101EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/11/21 10:22 p.m.1 views

GHSA-2MW7-WGGM-M6W3 Denial of Service in ethereumjs-vm

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute...

7.5CVSS5.9AI score0.03101EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2018/11/21 10:22 p.m.3 views

blockapps-vm (>=2.0.0 <=2.1.0), blockapps-web3 (>=1.1.4 <=1.1.6) +11 more potentially affected by CVE-2018-19183 via ethereumjs-vm (>=1.2.1 <=2.4.0)

ethereumjs-vm NPM version =1.2.1, =2.0.0, =1.1.4, =1.1.0, =0.0.2, =1.0.1, =3.0.4, =0.1.1, =0.0.1, =1.1.6, =1.1.41 - newstudio-lib =0.1.0 - remix-solidity =0.0.1 Source cves: CVE-2018-19183 Source advisory: OSV:GHSA-2MW7-WGGM-M6W3...

7.5CVSS7.1AI score0.03101EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2018/11/21 10:22 p.m.28 views

Denial of Service in ethereumjs-vm

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute...

7.5CVSS5.2AI score0.03101EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2018/11/13 12:0 a.m.2 views

ethereumjs-vm denial of service vulnerability

ethereumjs-vm is a JavaScript-based implementation of an ethereum virtual machine. A security vulnerability exists in ethereumjs-vm version 2.4.0. An attacker can exploit this vulnerability to cause a denial of service with the 'code: Buffer.frommycode, 'hex'' property...

7.5CVSS7.3AI score0.03101EPSS
Exploits1References1
Prion
Prion
added 2018/11/12 2:29 a.m.11 views

Code injection

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...

5CVSS7.4AI score0.03101EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2018/11/12 2:29 a.m.16 views

CVE-2018-19183

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...

7.5CVSS7.4AI score0.03101EPSS
Exploits1References3
OSV
OSV
added 2018/11/12 2:29 a.m.7 views

CVE-2018-19183

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...

7.5CVSS7.4AI score
Exploits0References3
CVE
CVE
added 2018/11/12 12:0 a.m.50 views

CVE-2018-19183

CVE-2018-19183 affects ethereumjs-vm 2.4.0. A DoS can be triggered by a code attribute set to Buffer.from(my_code, 'hex'), causing vm.runCode failure and REVERT. The vendor disputes the interpretation, noting REVERT can result from normal bytecode when triggered from high-level code. Connected ad...

7.5CVSS7.4AI score0.03101EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2018/11/12 12:0 a.m.7 views

PT-2018-14844 · Ethereumjs · Ethereumjs-Vm

Name of the Vulnerable Software and Affected Versions: ethereumjs-vm version 2.4.0 Description: The issue allows attackers to cause a denial of service, leading to vm.runCode failure and REVERT, via a code attribute set to Buffer.frommy code, 'hex'. It's worth noting that the vendor disputes this...

7.5CVSS7.3AI score0.03101EPSS
Exploits1References9
Cvelist
Cvelist
added 2018/11/12 12:0 a.m.25 views

CVE-2018-19183

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...

7.4AI score0.03101EPSS
Exploits1References3
Rows per page
Query Builder