Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin core vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3195
bitcoind in Bitcoin Core up to and including 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of...
Bitcoin Bitcoin Core
5.9
CVSSv3
CVE-2017-18350
bitcoind and Bitcoin-Qt before 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2017-12842
Bitcoin Core prior to 0.14 allows an malicious user to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in ...
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2023-33297
Bitcoin Core prior to 24.1, when debug mode is not used, allows malicious users to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.
Bitcoin Bitcoin Core
NA
CVE-2012-4682
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows malicious users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683.
Bitcoin Bitcoin Core
NA
CVE-2012-4683
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows malicious users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682.
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2015-3641
bitcoind and Bitcoin-Qt before 0.10.2 allow malicious users to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
Bitcoin Bitcoin Core
5.5
CVSSv3
CVE-2018-20587
Bitcoin Core 0.12.0 up to and including 0.17.1 and Bitcoin Knots 0.12.0 up to and including 0.17.x prior to 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IP...
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2018-17144
Bitcoin Core 0.14.x prior to 0.14.3, 0.15.x prior to 0.15.2, and 0.16.x prior to 0.16.3 and Bitcoin Knots 0.14.x up to and including 0.16.x prior to 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoin...
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
11 Github repositories
5.3
CVSSv3
CVE-2023-50428
In Bitcoin Core up to and including 26.0 and Bitcoin Knots prior to 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerabili...
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »