Lucene search
K

20 matches found

OSV
OSV
added 2026/02/19 9:7 p.m.9 views

CVE-2026-26313 Go Ethereum affected by DoS via malicious p2p message

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sending a specially-crafted p2p message. The issue is resolved in the v1.17.0 release...

6.9CVSS5.8AI score0.00578EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/02/19 9:7 p.m.3 views

CVE-2026-26313

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sending a specially-crafted p2p message. The issue is resolved in the v1.17.0 release...

7.5CVSS6.1AI score0.00578EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.12 views

PT-2026-20349

Name of the Vulnerable Software and Affected Versions go-ethereum Geth versions prior to 1.16.9 go-ethereum Geth version 1.17.0 Description A flaw exists in the ECIES cryptography implementation within go-ethereum Geth that could allow an attacker to extract bits of the p2p node key. The issue is...

9.9CVSS5.2AI score0.27661EPSS
Exploits45References121
Snyk
Snyk
added 2026/01/13 9:55 p.m.4 views

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in the handling of failed KZG verification for p2p messages. An attacker can cause a node to shut down or crash by sending a specially crafted message. Remediation Upgrade github.com/ethereum/go-ethereum/crypto/ecies ...

7.5CVSS6.8AI score0.00569EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/13 9:55 p.m.2 views

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in the handling of failed KZG verification for p2p messages. An attacker can cause a node to shut down or crash by sending a specially crafted message. Remediation Upgrade github.com/ethereum/go-ethereum/core/txpool t...

7.5CVSS6.8AI score0.00636EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5589

Malicious code in bioql PyPI...

5.9CVSS5.9AI score0.0091EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1428

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00846EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2566

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00981EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 12:41 a.m.7 views

CVE-2022-29177

Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that...

5.9CVSS6.6AI score0.0091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:12 a.m.8 views

CVE-2024-32972

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15...

7.5CVSS6.8AI score0.00846EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/26 5:30 p.m.16 views

CVE-2024-47130 Missing Authentication for Critical Function in goTenna Pro

The goTenna Pro App allows unauthenticated attackers to remotely update the local public keys used for P2P and group messages. It is advised to update your app to the current release for enhanced encryption protocols...

8.8CVSS0.00216EPSS
Exploits0References1
Veracode
Veracode
added 2024/05/07 7:26 p.m.33 views

Resource Exhaustion

go-ethereum geth is vulnerable to a Resource Exhaustion. The vulnerability is due to a lack of proper handling of specially crafted p2p messages sent from an attacker node, causing vulnerable nodes to consume excessive amounts of memory...

7.5CVSS6.7AI score0.00846EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/06 2:26 p.m.12 views

CVE-2024-32972 go-ethereum denial of service via malicious p2p message

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15...

7.5CVSS6.8AI score0.00846EPSS
Exploits0References2
Snyk
Snyk
added 2024/05/06 2:20 p.m.3 views

Resource Exhaustion

Overview Affected versions of this package are vulnerable to Resource Exhaustion when handling specially crafted p2p messages. A vulnerable node can be made to consume very large amounts of memory. Remediation Upgrade github.com/microstack-tech/parallax/core/rawdb to version 0.1.4 or higher...

8.7CVSS7.4AI score0.00846EPSS
Exploits0References3
Veracode
Veracode
added 2023/09/11 7:28 a.m.23 views

Memory Exhaustion

go-ethereum is vulnerable to a memory consumption. The vulnerability is due to a node which can be made to consume unbounded amounts of memory when handling a malicious crafted p2p messages sent from an attacker node. The attacker could use this issue to cause memory exhaustion leading to Denial ...

7.5CVSS6.6AI score0.00981EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2023/09/06 7:15 p.m.21 views

Design/Logic Flaw

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version 1.12.1-stable, i.e,...

5CVSS7.5AI score0.00981EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/09/06 6:7 p.m.29 views

CVE-2023-40591 Denial of service via malicious p2p message in go-ethereum

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version 1.12.1-stable, i.e,...

7.5CVSS7.5AI score0.00981EPSS
Exploits0References5
OSV
OSV
added 2022/05/20 4:20 p.m.23 views

CVE-2022-29177 DoS via malicious p2p message in Go-Ethereum

Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that...

5.9CVSS5.8AI score0.0091EPSS
Exploits0References4
CVE
CVE
added 2022/05/20 4:20 p.m.101 views

CVE-2022-29177

CVE-2022-29177 affects the Go Ethereum (go-ethereum) client. Before version 1.10.17, a node configured with high verbosity logging could crash when processing specially crafted p2p messages from a attacker node. A patch in v1.10.17 addresses the issue; as a workaround, setting the log level to IN...

5.9CVSS5.5AI score0.0091EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.3 views

PT-2022-19431 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: Go Ethereum versions prior to 1.10.17 Description: A vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Recommendations: For versions pri...

5.9CVSS7.1AI score0.0091EPSS
Exploits0References8
Rows per page
Query Builder