Critical | High | Medium | Low | Insight
Critical
- 32982 - [BC - Critical] Crashing all Validators Vulnerability in eth_g...
- 32993 - [BC - Critical] Crashing Validators by triggering an uncaught e...
- 33086 - [BC - Critical] Complete shutdown of the transaction processing...
- 33151 - [BC - Critical] Front running initial account data distribution
- 33222 - [BC - Critical] An attacker can control which nodes can and can...
- 33277 - [BC - Critical] Validators can be crashed via GET
- 33278 - [BC - Critical] Improper input validation leads to DOS and tota...
- 33424 - [BC - Critical] Improper input validation in safeJsonParse lead...
- 33428 - [BC - Critical] Validators can be crashed via pp
- 33483 - [BC - Critical] shardeum validator bypass loop breaking increme...
- 33632 - [BC - Critical] Signature forgery on behalf of other nodes lead...
- 33637 - [BC - Critical] In get_tx_timestamp a prototype pollution bri...
- 33638 - [BC - Critical] In remove_timestamp_cache a prototype polluti...
- 33655 - [BC - Critical] Complete shutdown of the transaction processing...
- 33696 - [BC - Critical] Failure to validate golden ticket admin cert
- 33745 - [BC - Critical] A math quirk in Javascript allows anyone to tak...
- 33750 - [BC - Critical] Abusing setCertTime Transactions to drain node ...
- 33766 - [BC - Critical] Improper input validation in TransactionConsenu...
- 33872 - [BC - Critical] Infinite loop in shardeum
- 33922 - [BC - Critical] Steal Rewards and Take over Network by Faking A...
- 33925 - [BC - Critical] Improper input validation in fixDeserializedWra...
- 33941 - [BC - Critical] A missing check for the type of a variable allo...
- 33946 - [BC - Critical] Lack of voter deduplication in sync_trie_hashes...
- 33963 - [BC - Critical] Crashing the network by filling timestamp cache...
- 33972 - [BC - Critical] Inflating the votes of the hash for a malicious...
- 34012 - [BC - Critical] Improper input validation in repair_oos_account...
- 34019 - [BC - Critical] Lack of vote validation in sync_trie_hashes lea...
- 34020 - [BC - Critical] An alternative entry point with a separated but...
- 34053 - [BC - Critical] Malicious HTTP responses allow systemic applica...
- 34093 - [BC - Critical] lib-net can be used to force oom reap of shardu...
- 34201 - [BC - Critical] Prototype pollution vulnerability in remove_tim...
- 34252 - [BC - Critical] Bypass Certificate Signing Validation
- 34353 - [BC - Critical] Killing nodes by polluting tx timestamp cache o...
- 34456 - [BC - Critical] Lack of consensus validation in repair_oos_acco...
- 34476 - [BC - Critical] remove_timestamp_cache prototype pollution lead...
- 34481 - [BC - Critical] Bypassing sender verification in gossip-final-s...
- 34484 - [BC - Critical] Tricking legit node to signed maliciously contr...
- 34500 - [BC - Critical] Prototype pollution vulnerability in get_tx_tim...
High
- 33473 - [BC - High] Cross-chain replay attacks are possible due to ...
- 33576 - [BC - High] Lack of deduplication in joinarchiver requests ...
- 33848 - [BC - High] For the first cycles of the network a maliciou...
- 34349 - [BC - High] Archiver Join Limit Logic Error
- 34422 - [BC - High] Forcing the new POQo system to fail preventing ...
Medium
Insight
- 33395 - [BC - Insight] DoS attack on peer nodes through gossip-valid-j...
- 33520 - [BC - Insight] Inconsistent consensus issue for BlakeF precomp...
- 33735 - [BC - Insight] Network split due to the sync issue in PP modul...
- 33813 - [BC - Insight] Double slashing of validators
- 34364 - [BC - Insight] pp deserialization denial of service issue
- 34489 - [BC - Insight] ActivetsValidateRecordTypes do not check all th...
Blockchain/DLT
- 32942 - [BC - Low] The ChainID and URL parameters that can modify ...
- 32982 - [BC - Critical] Crashing all Validators Vulnerability in eth_g...
- 32993 - [BC - Critical] Crashing Validators by triggering an uncaught e...
- 33044 - [BC - Medium] Preventing the network from loading by disconne...
- 33086 - [BC - Critical] Complete shutdown of the transaction processing...
- 33151 - [BC - Critical] Front running initial account data distribution
- 33222 - [BC - Critical] An attacker can control which nodes can and can...
- 33254 - [BC - Medium] The signature used to Gossip an UnjoinRequest h...
- 33277 - [BC - Critical] Validators can be crashed via GET
- 33278 - [BC - Critical] Improper input validation leads to DOS and tota...
- 33395 - [BC - Insight] DoS attack on peer nodes through gossip-valid-j...
- 33424 - [BC - Critical] Improper input validation in safeJsonParse lead...
- 33428 - [BC - Critical] Validators can be crashed via pp
- 33473 - [BC - High] Cross-chain replay attacks are possible due to ...
- 33483 - [BC - Critical] shardeum validator bypass loop breaking increme...
- 33520 - [BC - Insight] Inconsistent consensus issue for BlakeF precomp...
- 33576 - [BC - High] Lack of deduplication in joinarchiver requests ...
- 33632 - [BC - Critical] Signature forgery on behalf of other nodes lead...
- 33637 - [BC - Critical] In get_tx_timestamp a prototype pollution bri...
- 33638 - [BC - Critical] In remove_timestamp_cache a prototype polluti...
- 33655 - [BC - Critical] Complete shutdown of the transaction processing...
- 33696 - [BC - Critical] Failure to validate golden ticket admin cert
- 33735 - [BC - Insight] Network split due to the sync issue in PP modul...
- 33745 - [BC - Critical] A math quirk in Javascript allows anyone to tak...
- 33750 - [BC - Critical] Abusing setCertTime Transactions to drain node ...
- 33766 - [BC - Critical] Improper input validation in TransactionConsenu...
- 33813 - [BC - Insight] Double slashing of validators
- 33848 - [BC - High] For the first cycles of the network a maliciou...
- 33872 - [BC - Critical] Infinite loop in shardeum
- 33922 - [BC - Critical] Steal Rewards and Take over Network by Faking A...
- 33925 - [BC - Critical] Improper input validation in fixDeserializedWra...
- 33941 - [BC - Critical] A missing check for the type of a variable allo...
- 33946 - [BC - Critical] Lack of voter deduplication in sync_trie_hashes...
- 33963 - [BC - Critical] Crashing the network by filling timestamp cache...
- 33972 - [BC - Critical] Inflating the votes of the hash for a malicious...
- 34012 - [BC - Critical] Improper input validation in repair_oos_account...
- 34019 - [BC - Critical] Lack of vote validation in sync_trie_hashes lea...
- 34020 - [BC - Critical] An alternative entry point with a separated but...
- 34053 - [BC - Critical] Malicious HTTP responses allow systemic applica...
- 34093 - [BC - Critical] lib-net can be used to force oom reap of shardu...
- 34201 - [BC - Critical] Prototype pollution vulnerability in remove_tim...
- 34252 - [BC - Critical] Bypass Certificate Signing Validation
- 34349 - [BC - High] Archiver Join Limit Logic Error
- 34353 - [BC - Critical] Killing nodes by polluting tx timestamp cache o...
- 34364 - [BC - Insight] pp deserialization denial of service issue
- 34422 - [BC - High] Forcing the new POQo system to fail preventing ...
- 34456 - [BC - Critical] Lack of consensus validation in repair_oos_acco...
- 34476 - [BC - Critical] remove_timestamp_cache prototype pollution lead...
- 34481 - [BC - Critical] Bypassing sender verification in gossip-final-s...
- 34484 - [BC - Critical] Tricking legit node to signed maliciously contr...
- 34489 - [BC - Insight] ActivetsValidateRecordTypes do not check all th...
- 34500 - [BC - Critical] Prototype pollution vulnerability in get_tx_tim...