Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-5137
wxBitcoin and bitcoind prior to 0.3.5 allow remote malicious users to cause a denial of service (daemon crash) via a Bitcoin transaction containing an OP_LSHIFT script opcode.
Bitcoin Bitcoin Core
Bitcoin Wxbitcoin
NA
CVE-2010-5141
wxBitcoin and bitcoind prior to 0.3.5 do not properly handle script opcodes in Bitcoin transactions, which allows remote malicious users to spend bitcoins owned by other users via unspecified vectors.
Bitcoin Wxbitcoin
Bitcoin Bitcoin Core
6.1
CVSSv3
CVE-2020-11944
Abe (aka bitcoin-abe) up to and including 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.
Bitcoin-abe Project Bitcoin-abe
Bitcoin-abe Project Bitcoin-abe 0.8
5.3
CVSSv3
CVE-2023-50428
In Bitcoin Core up to and including 26.0 and Bitcoin Knots prior to 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerabili...
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
5.5
CVSSv3
CVE-2018-20587
Bitcoin Core 0.12.0 up to and including 0.17.1 and Bitcoin Knots 0.12.0 up to and including 0.17.x prior to 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IP...
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2018-17144
Bitcoin Core 0.14.x prior to 0.14.3, 0.15.x prior to 0.15.2, and 0.16.x prior to 0.16.3 and Bitcoin Knots 0.14.x up to and including 0.16.x prior to 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoin...
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
11 Github repositories
9.8
CVSSv3
CVE-2021-3401
Bitcoin Core prior to 0.19.0 might allow remote malicious users to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web brows...
Bitcoin Bitcoin
6.5
CVSSv3
CVE-2021-31876
Bitcoin Core 0.12.0 up to and including 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for malicious users to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. ...
Bitcoin Bitcoin
7.5
CVSSv3
CVE-2017-9230
The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving...
Bitcoin Bitcoin -
7.5
CVSSv3
CVE-2017-12842
Bitcoin Core prior to 0.14 allows an malicious user to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in ...
Bitcoin Bitcoin Core
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »