Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3195
bitcoind in Bitcoin Core up to and including 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of...
Bitcoin Bitcoin Core
NA
CVE-2012-4682
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows malicious users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683.
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2017-12842
Bitcoin Core prior to 0.14 allows an malicious user to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in ...
Bitcoin Bitcoin Core
NA
CVE-2012-4683
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows malicious users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682.
Bitcoin Bitcoin Core
5.9
CVSSv3
CVE-2017-18350
bitcoind and Bitcoin-Qt before 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2015-3641
bitcoind and Bitcoin-Qt before 0.10.2 allow malicious users to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
Bitcoin Bitcoin Core
NA
CVE-2013-3219
bitcoind and Bitcoin-Qt 0.8.x prior to 0.8.1 do not enforce a certain block protocol rule, which allows remote malicious users to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...
Bitcoin Bitcoin Core 0.8.0
7.5
CVSSv3
CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500&q...
Bitcoin Bitcoin Core 0.18.0
7.5
CVSSv3
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows malicious users to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
Bitcoin Bitcoin Core 22.0
NA
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote malicious users to determine passwords via a timing side-channel attack.
Bitcoin Bitcoin Core 0.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »