Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin bitcoin vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2015-6964
MultiBit HD prior to 0.1.2 allows malicious users to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. (Attackers cannot realistically steal these fees for themselves.) This occurs because there...
Multibit Multibit Hd
1 Github repository
5.3
CVSSv3
CVE-2018-20586
bitcoind and Bitcoin-Qt before 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
Bitcoin Bitcoin Core 0.12.0
Bitcoin Bitcoin Core 0.12.1
Bitcoin Bitcoin Core 0.13
Bitcoin Bitcoin Core 0.13.0
Bitcoin Bitcoin Core 0.13.1
Bitcoin Bitcoin Core 0.13.2
Bitcoin Bitcoin Core 0.14.0
Bitcoin Bitcoin Core 0.14.1
Bitcoin Bitcoin Core 0.14.2
Bitcoin Bitcoin Core 0.14.3
Bitcoin Bitcoin Core 0.15.0
Bitcoin Bitcoin Core 0.15.0.1
Bitcoin Bitcoin Core 0.15.1
Bitcoin Bitcoin Core 0.15.2
Bitcoin Bitcoin Core 0.16.0
Bitcoin Bitcoin Core 0.16.1
Bitcoin Bitcoin Core 0.16.2
Bitcoin Bitcoin Core 0.16.3
Bitcoin Bitcoin Core 0.17.0
5.3
CVSSv3
CVE-2018-1000022
Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to version 3.0.5 contains a Missing Authorization vulnerability in JSONRPC interface that can result in Bitcoin theft, if the user's wallet is not password protected. This attack appear to be exploitable via Th...
Electrum Bitcoin Wallet
4.1
CVSSv3
CVE-2018-10812
The Bitpie application up to and including 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist ...
Bitpie Bitcoin Wallet
NA
CVE-2024-34149
In Bitcoin Core up to and including 27.0 and Bitcoin Knots prior to 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check (for example, because they agree with the objective but disagre...
NA
CVE-2013-7372
The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony up to and including 6.0M3, as used in the Java Cryptography Architecture ...
Google Android 4.0
Apache Harmony
Google Android 4.3
Google Android 4.0.3
Google Android 4.0.1
Google Android 4.2.2
Google Android 4.2.1
Google Android 4.2
Google Android 4.1.2
Google Android 4.1
Google Android
Google Android 4.0.4
Google Android 4.0.2
NA
CVE-2013-5700
The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x prior to 0.8.4rc1 allows remote malicious users to cause a denial of service (divide-by-zero error and daemon crash) via a crafted sequence of messages.
Bitcoin Bitcoin Core 0.8.0
Bitcoin Bitcoin-qt 0.8.2
Bitcoin Bitcoin Core 0.8.1
Bitcoin Bitcoin-qt 0.8.3
NA
CVE-2013-3220
bitcoind and Bitcoin-Qt prior to 0.4.9rc2, 0.5.x prior to 0.5.8rc2, 0.6.x prior to 0.6.5rc2, and 0.7.x prior to 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote malicious users t...
Bitcoin Bitcoin-qt 0.7.1
Bitcoin Bitcoin-qt 0.6.0.10
Bitcoin Bitcoin Core 0.5.3
Bitcoin Bitcoin Core 0.4.7
Bitcoin Bitcoin Core 0.5.6
Bitcoin Bitcoin Core 0.6.0.5
Bitcoin Bitcoin Core 0.6.0.6
Bitcoin Bitcoin Core 0.6.0.7
Bitcoin Bitcoin Core 0.6.0.8
Bitcoin Bitcoin Core 0.4.1
Bitcoin Bitcoin Core 0.4.0
Bitcoin Bitcoin Core 0.3.11
Bitcoin Bitcoin Core 0.3.10
Bitcoin Bitcoin Core 0.3.5
Bitcoin Bitcoin Core 0.3.4
Bitcoin Bitcoin Core 0.5.0
Bitcoin Bitcoin-qt 0.4.8
Bitcoin Bitcoind 0.4.4
Bitcoin Bitcoind 0.7.3
Bitcoin Bitcoind 0.6.0.10
Bitcoin Bitcoin Core 0.4.2
Bitcoin Bitcoin Core 0.4.3
NA
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote malicious users to determine passwords via a timing side-channel attack.
Bitcoin Bitcoin Core 0.8.1
NA
CVE-2013-3219
bitcoind and Bitcoin-Qt 0.8.x prior to 0.8.1 do not enforce a certain block protocol rule, which allows remote malicious users to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...
Bitcoin Bitcoin Core 0.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »