Lucene search
K

1925 matches found

OSV
OSV
added 2026/06/23 12:48 p.m.3 views

OPENSUSE-SU-2026:21149-1 Security update for bitcoin

This update for bitcoin fixes the following issues: Changes in bitcoin: - Reference the tracking bugs for CVEs already fixed in current bitcoin the affected versions all predate the shipped release: CVE-2018-20587 boo1125092 CVE-2019-15947 boo1149711 CVE-2020-14198 boo1181786 CVE-2021-3195...

7.5CVSS6.3AI score0.03389EPSS
Exploits2References12
OSV
OSV
added 2026/06/22 12:0 a.m.4 views

OPENSUSE-SU-2026:11073-1 bitcoin-qt6-31.0-2.1 on GA media

These are all security issues fixed in the bitcoin-qt6-31.0-2.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.4AI score0.03389EPSS
Exploits1References5
NVD
NVD
added 2026/06/20 7:16 p.m.12 views

CVE-2026-56341

AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...

8.7CVSS0.00302EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/20 6:27 p.m.21 views

CVE-2026-56341 AVideo - Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php

AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...

8.7CVSS0.00302EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/20 6:27 p.m.7 views

CVE-2026-56341

AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...

8.7CVSS5.8AI score0.00302EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/20 6:27 p.m.10 views

EUVD-2026-38130

AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...

8.7CVSS5.8AI score0.00302EPSS
Exploits0References2
CVE
CVE
added 2026/06/20 6:27 p.m.23 views

CVE-2026-56341

AVideo prior to 26.1 (through version 26.0) exposes unauthenticated access to payment data via multiple list.json.php endpoints in payment plugins, lacking authorization checks. The issue enables retrieval of PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records, including agreem...

8.7CVSS5.8AI score0.00302EPSS
Exploits0References2
NVD
NVD
added 2026/05/20 4:16 p.m.14 views

CVE-2023-7346

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS0.0014EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 2:13 p.m.40 views

CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 2:13 p.m.9 views

EUVD-2023-60577

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.0014EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 2:13 p.m.10 views

CVE-2023-7346

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.0014EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/20 2:13 p.m.6 views

CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.0014EPSS
Exploits0References2
CVE
CVE
added 2026/05/20 2:13 p.m.21 views

CVE-2023-7346

Technical details (affected versions, exploit methods, mitigations) are not publicly provided in the supplied documents. Monitor for updates from official sources.

4.1CVSS5.8AI score0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.17 views

PT-2026-42182

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Ledger Bitcoin app 安全漏洞

The Ledger Bitcoin app is an open-source application developed by Ledger, which runs on the Ledger hardware wallet. There are security vulnerabilities in the 2.1.0 and 2.1.1 versions of the Ledger Bitcoin app. These vulnerabilities stem from improper handling of miniscripts containing the ‘a’...

4.1CVSS5.8AI score0.0014EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.17 views

p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS5.8AI score0.0116EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.9 views

CVE-2024-52911

Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 9:31 p.m.7 views

EUVD-2024-55566

Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...

5.8AI score0.00417EPSS
Exploits0References4
NVD
NVD
added 2026/05/05 8:16 p.m.20 views

CVE-2024-52911

Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...

7.5CVSS0.00417EPSS
Exploits0References3
CVE
CVE
added 2026/05/05 12:0 a.m.18 views

CVE-2024-52911

Summary (CVE-2024-52911) : Bitcoin Core up to version 28.x contains a use-after-free memory safety vulnerability in the script validation engine. The issue can allow remote disruption or arbitrary code execution by sending specially crafted blocks with sufficient PoW, potentially crashing nodes o...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References3
Rows per page
Query Builder