84 matches found
EUVD-2015-6416
Malware in sbrugna...
EUVD-2015-6410
Malware in sbrugna...
EUVD-2015-6415
Malware in sbrugna...
EUVD-2025-6276
Malicious code in bioql PyPI...
EUVD-2025-5954
Malicious code in bioql PyPI...
EUVD-2025-4965
Malicious code in bioql PyPI...
EUVD-2025-18117
Malicious code in bioql PyPI...
MAL-2025-22877 Malicious code in ibc (npm)
The package ibc was found to contain malicious code...
Malicious code in ibc (npm)
The package ibc was found to contain malicious code...
Integer Overflow
github.com/cosmwasm/wasmd is vulnerable to integer overflow. The vulnerability is due to a contract error being ignored during IBC channel initialization, allowing the channel to open despite the error...
GO-2025-3755 CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error in github.com/CosmWasm/wasmd
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error in github.com/CosmWasm/wasmd...
GHSA-79XG-Q4QM-7V9W CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
ibc (>=0.11.0 <=0.19.0), ibc-client-tendermint (>=0.48.0 <=0.55.1) +11 more potentially affected by unknown CVE via tendermint-light-client-verifier (>=0.23.5 <=0.38.1)
tendermint-light-client-verifier CARGO version =0.23.5, =0.11.0, =0.48.0, =0.48.0, =0.11.0, =0.11.0, =0.11.0, =0.11.0, =0.15.0, =0.1.0, =0.23.5, =0.32.0, =0.23.0, =0.1.0, =0.1.0-pre.1 Source cves: unknown CVE Source advisory: OSV:GHSA-6JRF-4JV4-R9MW...
GO-2025-3520 cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002) in github.com/cheqd/cheqd-node
cheqd-node Security patch for upstream vulnerabilities in IBC-Go ISA-2025-001 and Cosmos SDK ISA-2025-002 in github.com/cheqd/cheqd-node. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causin...
Malicious code in solidity-ibc-eureka (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d923c9d1d5e1d4fa797e2afa71b32c1e06ba2710f46b4110977f40a9aac9bbd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Deserialization Of Untrusted Data
github.com/cosmos/ibc-go is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper deserialization due to non-deterministic behavior when processing acknowledgments, which can halt the chain if exploited by a user opening an IBC channel...
Denial Of Service
IBC-Go is vulnerable to Denial Of Service. The vulnerability is due to improper handling of JSON unmarshalling for IBC Acknowledgements, allows an attacker to trigger a denial-of-service DoS condition and leads to non-deterministic behavior that can halt the chain...
GO-2025-3517 Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go
Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go...
cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002)
Description There have been two upstream security advisories and associated patches published under ISA-2025-001 and ISA-2025-002. ISA-2025-001 affects the IBC-Go package., where non-deterministic JSON unmarshalling of IBC Acknowledgements can result in a chain halt. ISA-2025-002 affects the Cosm...