EUVD-2021-1389

Malware in sbrugna...

EUVD-2023-2817

Malicious code in bioql PyPI...

EUVD-2023-2566

Malicious code in bioql PyPI...

CVE-2023-42319

Geth aka go-ethereum through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service memory consumption and daemon hang via a crafted GraphQL query. NOTE: the vendor's position is that the "graphql endpoint is not designed to withstand attacks by hostile client...

CVE-2020-26265

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade...

CVE-2020-26264

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client. This vulnerability only concerns users explicitly...

Consensus Attack

github.com/ethereum/go-ethereum is vulnerable to a Consensus Attack. The vulnerability is due to Geth's pre-compiled dataCopy contract performing a shallow copy on invocation, which allows an attacker to manipulate Ethereum Virtual Machine EVM memory and cause a consensus mismatch between nodes...

SUSE CVE-2020-26264

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client. This vulnerability only concerns users explicitly...

PT-2020-16369 · Ethereum · Geth

Name of the Vulnerable Software and Affected Versions: Geth versions prior to 1.9.17 Description: This is a Consensus vulnerability in Geth that can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy contract did a shallow copy on...