Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin bitcoin core vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500&q...
Bitcoin Bitcoin Core 0.18.0
7.5
CVSSv3
CVE-2020-14198
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Bitcoin Core 0.20.0
NA
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote malicious users to determine passwords via a timing side-channel attack.
Bitcoin Bitcoin Core 0.8.1
NA
CVE-2013-3219
bitcoind and Bitcoin-Qt 0.8.x prior to 0.8.1 do not enforce a certain block protocol rule, which allows remote malicious users to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...
Bitcoin Bitcoin Core 0.8.0
7.5
CVSSv3
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows malicious users to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
Bitcoin Bitcoin Core 22.0
9.8
CVSSv3
CVE-2021-3401
Bitcoin Core prior to 0.19.0 might allow remote malicious users to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web brows...
Bitcoin Bitcoin
6.5
CVSSv3
CVE-2021-31876
Bitcoin Core 0.12.0 up to and including 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for malicious users to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. ...
Bitcoin Bitcoin
7.5
CVSSv3
CVE-2018-17145
Bitcoin Core 0.16.x prior to 0.16.2 and Bitcoin Knots 0.16.x prior to 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin C...
Bcoin Bcoin
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
Btcd Project Btcd 0.3.0
Btcd Project Btcd 0.3.1
Btcd Project Btcd 0.3.2
Btcd Project Btcd 0.3.3
Btcd Project Btcd 0.4.0
Btcd Project Btcd 0.5.0
Btcd Project Btcd 0.6.0
Btcd Project Btcd 0.7.0
Btcd Project Btcd 0.8.0
Btcd Project Btcd 0.9.0
Btcd Project Btcd 0.10.0
Btcd Project Btcd 0.11.0
Btcd Project Btcd 0.11.1
Btcd Project Btcd 0.12.0
Btcd Project Btcd 0.13.0
Btcd Project Btcd 0.20.0
Btcd Project Btcd 0.20.1
Decred Dcrd
Litecoin Litecoin
NA
CVE-2024-34149
In Bitcoin Core up to and including 27.0 and Bitcoin Knots prior to 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check (for example, because they agree with the objective but disagre...
9.8
CVSSv3
CVE-2022-1388
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reac...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
82 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4