Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-5137
wxBitcoin and bitcoind prior to 0.3.5 allow remote malicious users to cause a denial of service (daemon crash) via a Bitcoin transaction containing an OP_LSHIFT script opcode.
Bitcoin Bitcoin Core
Bitcoin Wxbitcoin
7.5
CVSSv2
CVE-2010-5141
wxBitcoin and bitcoind prior to 0.3.5 do not properly handle script opcodes in Bitcoin transactions, which allows remote malicious users to spend bitcoins owned by other users via unspecified vectors.
Bitcoin Wxbitcoin
Bitcoin Bitcoin Core
4.3
CVSSv2
CVE-2020-11944
Abe (aka bitcoin-abe) up to and including 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.
Bitcoin-abe Project Bitcoin-abe
Bitcoin-abe Project Bitcoin-abe 0.8
5
CVSSv2
CVE-2018-17144
Bitcoin Core 0.14.x prior to 0.14.3, 0.15.x prior to 0.15.2, and 0.16.x prior to 0.16.3 and Bitcoin Knots 0.14.x up to and including 0.16.x prior to 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoin...
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
11 Github repositories
NA
CVE-2023-50428
In Bitcoin Core up to and including 26.0 and Bitcoin Knots prior to 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerabili...
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
2.1
CVSSv2
CVE-2018-20587
Bitcoin Core 0.12.0 up to and including 0.17.1 and Bitcoin Knots 0.12.0 up to and including 0.17.x prior to 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IP...
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
6.4
CVSSv2
CVE-2021-31876
Bitcoin Core 0.12.0 up to and including 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for malicious users to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. ...
Bitcoin Bitcoin
7.5
CVSSv2
CVE-2021-3401
Bitcoin Core prior to 0.19.0 might allow remote malicious users to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web brows...
Bitcoin Bitcoin
5
CVSSv2
CVE-2017-9230
The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving...
Bitcoin Bitcoin -
5
CVSSv2
CVE-2021-3195
bitcoind in Bitcoin Core up to and including 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of...
Bitcoin Bitcoin Core
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »