EUVD-2022-0577

Malicious code in bioql PyPI...

CVE-2025-54427

CVE-2025-54427 (Polkadot Frontier) : The vulnerability affects Polkadot Frontier’s note_min_gas_price_target intrinsic. Before commit a754b3d, the check_inherent function was not implemented, allowing the block producer to set the target gas price without verification. This input drives MinGasPri...

Transaction Fee Mechanism Design for Leaderless Blockchain Protocols

We initiate the study of transaction fee mechanism design for blockchain protocols in which multiple block producers contribute to the production of each block. Our contributions include: - We propose an extensive-form multi-stage game model to reason about the game theory of multi-proposer...

CVE-2021-45698

An issue was discovered in the ckb crate before 0.40.0 for Rust. A getblocktemplate RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction...

Evmos vulnerable to DOS and transaction fee expropiation through Authz exploit

Impact What kind of vulnerability is it? Who is impacted? An attacker can use this bug to bypass the block gas limit and gas payment completely to perform a full Denial-of-Service against the chain. Disclosure Evmos versions below v11.0.1 do not check for MsgEthereumTx messages that are nested...

GHSA-V6RW-HHGG-WC4X Evmos vulnerable to DOS and transaction fee expropiation through Authz exploit

Impact What kind of vulnerability is it? Who is impacted? An attacker can use this bug to bypass the block gas limit and gas payment completely to perform a full Denial-of-Service against the chain. Disclosure Evmos versions below v11.0.1 do not check for MsgEthereumTx messages that are nested...

CVE-2021-43839

Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are ...

Design/Logic Flaw

Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are ...

CVE-2021-43839

Cronos v0.6.5 fixes a vulnerability in Cronos nodes earlier than v0.6.5 where an attacker could drain the current-block transaction fees from Cosmos SDK’s FeeCollector by sending a crafted MsgEthereumTx. Affected: Cronos prior to v0.6.5. Root cause: improper handling enabling fee drainage at the ...

Improper Upper Bound Definition on the Fee

Handle defsec Vulnerability details Impact In the adjustGlobalParams function on line 1603of "", adjustGlobalParams function does not have any upper or lower bounds. Values that are too large will lead to reversions in several critical functions. Proof of Concept The setFee function that begins o...

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

Design/Logic Flaw

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

Monero: Misreporting of received amount by show_transfers

Summary: A sender may cause showtransfers to report a higher amount that was actually sent on the recipient's showtransfers output. Description: Due to a flaw in processnewtransaction in wallet2.cpp, if the tx pubkey is present multiple times, it will decode outputs correctly as many times, and a...

SMT smart contract integer overflow vulnerability-vulnerability warning-the black bar safety net

! Vulnerability overview SmartMesh Token is based on the Ethereum contract tokens, referred to as SMT. Ethereum is an open source, public, distributed computing platform, SmartMesh tokens contract SmartMeshTokenContract based on ERC20Token standards. The vulnerability occurs in the transfer...