GHSA-Q66H-M87M-J2Q6 Bitcoinrb Vulnerable to Command injection via RPC

Summary: Remote Code Execution Unsafe handling of request parameters in the RPC HTTP server results in command injection Details In lib/bitcoin/rpc/httpserver.rb line 30-39, the JSON body of a POST request is parsed into command and args variables. These values are then passed to send, which is...

EUVD-2013-4483

Malware in sbrugna...

EUVD-2010-5100

Malware in sbrugna...

EUVD-2015-3679

Malware in sbrugna...

CVE-2012-3789

Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service process hang via unknown behavior on a Bitcoin network...

CVE-2012-4683

Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682...

CVE-2013-2272

The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 allows remote attackers to determine associations between wallet...

CVE-2010-5141

wxBitcoin and bitcoind before 0.3.5 do not properly handle script opcodes in Bitcoin transactions, which allows remote attackers to spend bitcoins owned by other users via unspecified vectors...

CVE-2025-26541 WordPress Bitcoin / AltCoin Payment Gateway for WooCommerce plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeSolz Bitcoin / AltCoin Payment Gateway for WooCommerce woo-altcoin-payment-gateway allows Reflected XSS.This issue affects Bitcoin / AltCoin Payment Gateway for WooCommerce: from n/a through =...

CVE-2019-25220

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service daemon crash via a flood of low-difficulty header chains aka a "Chain Width Expansion" attack because a node does not first verify that a presented chain has enough work before committing to store it...

Security update for bitcoin (moderate)

openSUSE Security Update: Security update for bitcoin Announcement ID: openSUSE-SU-2024:0052-1 Rating: moderate References: Cross-References: CVE-2018-17144 CVSS scores: CVE-2018-17144 NVD : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-17144 SUSE: 7.4...

PT-2023-10706 · Bitcoin · Bitcoind

Name of the Vulnerable Software and Affected Versions: Bitcoin versions prior to the fix for BIP-0050 Description: A issue occurred due to a large number of total transaction inputs being broadcasted, which were rejected by some nodes and not rejected by others, causing a fork. Recommendations: A...

Bitcoin wxBitcoin/bitcoind Denial of Service Vulnerability

A vulnerability exists in Bitcoin wxBitcoin and bitcoind versions prior to 0.3.5. A remote attacker could use this vulnerability to cause a denial of service daemon crash via a Bitcoin transaction containing the OPLSHIFT script opcode...

Leaf Node Weaknesses in Bitcoin Merkle Tree Designs

Merkle tree in Chinese is called Merkle tree, is a kind of tree in computer data structure. The vulnerability stems from certain weaknesses in the design of leaf nodes in a Merkle tree. An attacker can exploit this vulnerability to modify arbitrary payment amounts...

bitcoind/Bitcoin-Qt 'CTransaction::FetchInputs' method denied service

Bitcoin is an e-currency generated using open source P2P software. A vulnerability in the 'CTransaction::FetchInputs' method in bitcoind and Bitcoin-Qt versions prior to 0.8.0rc1 stems from the program's failure to incrementally check the consumed predecessor signals, i.e., copying transactions...

Bitcoins - Secured by NSA designed Encryption or Backdoored ?

It's been nearly three months since Edward Snowden started telling the world about the National Security Agency's mass surveillance of global communications. After the last week report that the National Security Agency has leveraged its cooperative relationships with specific industry partners to...

CVE-2013-5700

The CVE-2013-5700 issue affects the Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x before 0.8.4rc1. A crafted sequence of messages can trigger a division-by-zero error, leading to a denial of service and daemon crash. This is tied to the Bloom Filter component, with impact described...