Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin bitcoin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34149
In Bitcoin Core up to and including 27.0 and Bitcoin Knots prior to 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check (for example, because they agree with the objective but disagre...
NA
CVE-2024-0674
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the...
Lamassu Douro Firmware 7.1
Lamassu Douro Ii Firmware 7.1
NA
CVE-2024-0675
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and ...
Lamassu Douro Firmware 7.1
Lamassu Douro Ii Firmware 7.1
NA
CVE-2024-0676
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dict...
Lamassu Douro Firmware 7.1
Lamassu Douro Ii Firmware 7.1
NA
CVE-2023-50428
In Bitcoin Core up to and including 26.0 and Bitcoin Knots prior to 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerabili...
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
NA
CVE-2015-6964
MultiBit HD prior to 0.1.2 allows malicious users to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. (Attackers cannot realistically steal these fees for themselves.) This occurs because there...
Multibit Multibit Hd
1 Github repository
NA
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows malicious users to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
Bitcoin Bitcoin Core 22.0
NA
CVE-2023-33297
Bitcoin Core prior to 24.1, when debug mode is not used, allows malicious users to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.
Bitcoin Bitcoin Core
NA
CVE-2022-4118
The Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop WordPress plugin up to and including 1.7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated users
Coinmarketstats Bitcoin \\/ Altcoin Payment Gateway For Woocommerce
NA
CVE-2022-47145
Reflected Cross-Site Scripting (XSS) vulnerability in Blockonomics WordPress Bitcoin Payments – Blockonomics plugin <= 3.5.7 versions.
Blockonomics Blockonomics
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »