1925 matches found
OPENSUSE-SU-2026:21149-1 Security update for bitcoin
This update for bitcoin fixes the following issues: Changes in bitcoin: - Reference the tracking bugs for CVEs already fixed in current bitcoin the affected versions all predate the shipped release: CVE-2018-20587 boo1125092 CVE-2019-15947 boo1149711 CVE-2020-14198 boo1181786 CVE-2021-3195...
OPENSUSE-SU-2026:11073-1 bitcoin-qt6-31.0-2.1 on GA media
These are all security issues fixed in the bitcoin-qt6-31.0-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-56341
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...
CVE-2026-56341 AVideo - Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...
CVE-2026-56341
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...
EUVD-2026-38130
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...
CVE-2026-56341
AVideo prior to 26.1 (through version 26.0) exposes unauthenticated access to payment data via multiple list.json.php endpoints in payment plugins, lacking authorization checks. The issue enables retrieval of PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records, including agreem...
CVE-2023-7346
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
EUVD-2023-60577
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346
Technical details (affected versions, exploit methods, mitigations) are not publicly provided in the supplied documents. Monitor for updates from official sources.
PT-2026-42182
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
Ledger Bitcoin app 安全漏洞
The Ledger Bitcoin app is an open-source application developed by Ledger, which runs on the Ledger hardware wallet. There are security vulnerabilities in the 2.1.0 and 2.1.1 versions of the Ledger Bitcoin app. These vulnerabilities stem from improper handling of miniscripts containing the ‘a’...
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2024-52911
Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...
EUVD-2024-55566
Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...
CVE-2024-52911
Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...
CVE-2024-52911
Summary (CVE-2024-52911) : Bitcoin Core up to version 28.x contains a use-after-free memory safety vulnerability in the script validation engine. The issue can allow remote disruption or arbitrary code execution by sending specially crafted blocks with sufficient PoW, potentially crashing nodes o...