Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin bitcoin core vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3219
bitcoind and Bitcoin-Qt 0.8.x prior to 0.8.1 do not enforce a certain block protocol rule, which allows remote malicious users to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...
Bitcoin Bitcoin Core 0.8.0
7.5
CVSSv3
CVE-2020-14198
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Bitcoin Core 0.20.0
NA
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote malicious users to determine passwords via a timing side-channel attack.
Bitcoin Bitcoin Core 0.8.1
7.5
CVSSv3
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows malicious users to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
Bitcoin Bitcoin Core 22.0
7.5
CVSSv3
CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500&q...
Bitcoin Bitcoin Core 0.18.0
9.8
CVSSv3
CVE-2021-3401
Bitcoin Core prior to 0.19.0 might allow remote malicious users to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web brows...
Bitcoin Bitcoin
6.5
CVSSv3
CVE-2021-31876
Bitcoin Core 0.12.0 up to and including 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for malicious users to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. ...
Bitcoin Bitcoin
7.5
CVSSv3
CVE-2018-17145
Bitcoin Core 0.16.x prior to 0.16.2 and Bitcoin Knots 0.16.x prior to 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin C...
Bcoin Bcoin
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
Btcd Project Btcd 0.3.0
Btcd Project Btcd 0.3.1
Btcd Project Btcd 0.3.2
Btcd Project Btcd 0.3.3
Btcd Project Btcd 0.4.0
Btcd Project Btcd 0.5.0
Btcd Project Btcd 0.6.0
Btcd Project Btcd 0.7.0
Btcd Project Btcd 0.8.0
Btcd Project Btcd 0.9.0
Btcd Project Btcd 0.10.0
Btcd Project Btcd 0.11.0
Btcd Project Btcd 0.11.1
Btcd Project Btcd 0.12.0
Btcd Project Btcd 0.13.0
Btcd Project Btcd 0.20.0
Btcd Project Btcd 0.20.1
Decred Dcrd
Litecoin Litecoin
NA
CVE-2024-34149
In Bitcoin Core up to and including 27.0 and Bitcoin Knots prior to 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check (for example, because they agree with the objective but disagre...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4