CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50428
https://notcve.org/view.php?id=CVE-2023-50428
09 Dec 2023 — In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it "not a bug." En Bitcoin Core hasta 26.0 y Bitcoin Knots anteriores a 25.1.knots20231115, los límites de tamaño del portador de datos se pueden eludir ofuscando los dato... • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-37192
https://notcve.org/view.php?id=CVE-2023-37192
06 Jul 2023 — Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing. Los problemas de gestión de memoria y protección en Bitcoin Core v22 permiten a los atacantes modificar la dirección de envío almacenada en la memoria de la aplicación, lo que potencialmente les permite redirigir las transacciones de Bitcoin a los monederos de su elección. • https://bitcoin.org/en/bitcoin-core • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33297 – Gentoo Linux Security Advisory 202408-12
https://notcve.org/view.php?id=CVE-2023-33297
22 May 2023 — Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. A vulnerability has been discovered in Bitcoin, which can lead to a denial of service. Versions greater than or equal to 25.0 are affected. • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures • CWE-400: Uncontrolled Resource Consumption •