84 matches found
EUVD-2015-6410
Malware in sbrugna...
EUVD-2015-6416
Malware in sbrugna...
EUVD-2015-6415
Malware in sbrugna...
EUVD-2025-4965
Malicious code in bioql PyPI...
EUVD-2025-18117
Malicious code in bioql PyPI...
EUVD-2025-6276
Malicious code in bioql PyPI...
EUVD-2025-5954
Malicious code in bioql PyPI...
Malicious code in ibc (npm)
The package ibc was found to contain malicious code...
MAL-2025-22877 Malicious code in ibc (npm)
The package ibc was found to contain malicious code...
Integer Overflow
github.com/cosmwasm/wasmd is vulnerable to integer overflow. The vulnerability is due to a contract error being ignored during IBC channel initialization, allowing the channel to open despite the error...
GO-2025-3755 CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error in github.com/CosmWasm/wasmd
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error in github.com/CosmWasm/wasmd...
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
GHSA-79XG-Q4QM-7V9W CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
ibc (>=0.11.0 <=0.19.0), ibc-client-tendermint (>=0.48.0 <=0.55.1) +11 more potentially affected by unknown CVE via tendermint-light-client-verifier (>=0.23.5 <=0.38.1)
tendermint-light-client-verifier CARGO version =0.23.5, =0.11.0, =0.48.0, =0.48.0, =0.11.0, =0.11.0, =0.11.0, =0.11.0, =0.15.0, =0.1.0, =0.23.5, =0.32.0, =0.23.0, =0.1.0, =0.1.0-pre.1 Source cves: unknown CVE Source advisory: OSV:GHSA-6JRF-4JV4-R9MW...
GO-2025-3520 cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002) in github.com/cheqd/cheqd-node
cheqd-node Security patch for upstream vulnerabilities in IBC-Go ISA-2025-001 and Cosmos SDK ISA-2025-002 in github.com/cheqd/cheqd-node. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causin...
Malicious code in solidity-ibc-eureka (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d923c9d1d5e1d4fa797e2afa71b32c1e06ba2710f46b4110977f40a9aac9bbd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Deserialization Of Untrusted Data
github.com/cosmos/ibc-go is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper deserialization due to non-deterministic behavior when processing acknowledgments, which can halt the chain if exploited by a user opening an IBC channel...
Denial Of Service
IBC-Go is vulnerable to Denial Of Service. The vulnerability is due to improper handling of JSON unmarshalling for IBC Acknowledgements, allows an attacker to trigger a denial-of-service DoS condition and leads to non-deterministic behavior that can halt the chain...
GO-2025-3517 Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go
Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go...
cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002)
Description There have been two upstream security advisories and associated patches published under ISA-2025-001 and ISA-2025-002. ISA-2025-001 affects the IBC-Go package., where non-deterministic JSON unmarshalling of IBC Acknowledgements can result in a chain halt. ISA-2025-002 affects the Cosm...