CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50428
https://notcve.org/view.php?id=CVE-2023-50428
09 Dec 2023 — In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it "not a bug." En Bitcoin Core hasta 26.0 y Bitcoin Knots anteriores a 25.1.knots20231115, los límites de tamaño del portador de datos se pueden eludir ofuscando los dato... • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2023-33297 – Gentoo Linux Security Advisory 202408-12
https://notcve.org/view.php?id=CVE-2023-33297
22 May 2023 — Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. A vulnerability has been discovered in Bitcoin, which can lead to a denial of service. Versions greater than or equal to 25.0 are affected. • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3195
https://notcve.org/view.php?id=CVE-2021-3195
21 Jan 2021 — bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented dumpwallet restrictions ** EN DISPUTA ** bitcoind en Bitcoin Core versiones hasta 0.21.0, puede crear un nuevo archivo en un directorio arbitrario (por ejemplo, fuera del directorio ~/.bitcoin) por medio de una llam... • https://github.com/bitcoin/bitcoin/issues/20866 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14198 – Gentoo Linux Security Advisory 202009-18
https://notcve.org/view.php?id=CVE-2020-14198
10 Sep 2020 — Bitcoin Core 0.20.0 allows remote denial of service. Bitcoin Core versión 0.20.0, permite una denegación de servicio remota Multiple vulnerabilities have been found in Bitcoin, the worst of which could result in a Denial of Service condition. Versions less than 0.20.1 are affected. • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2020-14198 •
CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 1CVE-2018-17145
https://notcve.org/view.php?id=CVE-2018-17145
10 Sep 2020 — Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15. Bitcoin Core versiones 0.16.x anteriores a 0.16.2 y Bitcoin Knots versiones 0.16.x anteriores a 0.16.2, permite la denegación de servicio remota por medio de una avalancha de mensajes inv de transacciones múltiples... • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 • CWE-400: Uncontrolled Resource Consumption •