Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-3195
bitcoind in Bitcoin Core up to and including 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of...
Bitcoin Bitcoin Core
383
VMScore
CVE-2017-18350
bitcoind and Bitcoin-Qt before 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
Bitcoin Bitcoin Core
445
VMScore
CVE-2017-12842
Bitcoin Core prior to 0.14 allows an malicious user to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in ...
Bitcoin Bitcoin Core
445
VMScore
CVE-2012-4682
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows malicious users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683.
Bitcoin Bitcoin Core
445
VMScore
CVE-2012-4683
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows malicious users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682.
Bitcoin Bitcoin Core
445
VMScore
CVE-2015-3641
bitcoind and Bitcoin-Qt before 0.10.2 allow malicious users to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
Bitcoin Bitcoin Core
446
VMScore
CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500&q...
Bitcoin Bitcoin Core 0.18.0
383
VMScore
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote malicious users to determine passwords via a timing side-channel attack.
Bitcoin Bitcoin Core 0.8.1
445
VMScore
CVE-2013-3219
bitcoind and Bitcoin-Qt 0.8.x prior to 0.8.1 do not enforce a certain block protocol rule, which allows remote malicious users to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...
Bitcoin Bitcoin Core 0.8.0
NA
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows malicious users to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
Bitcoin Bitcoin Core 22.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »