CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking. CVE-2022-44797 Note...

9.8CVSS8.2AI score0.00726EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 12:14 a.m.•8 views

CVE-2022-44797

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...

9.8CVSS6.8AI score0.00726EPSS

Exploits1References1

Vulnrichment•added 2024/06/20 10:16 p.m.•15 views

CVE-2024-38359 Lightning Network Daemon Onion Bomb

The Lightning Network Daemon lnd - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...

6.5CVSS6.8AI score0.0018EPSS

Exploits0References5

Cvelist•added 2024/06/20 10:16 p.m.•30 views

CVE-2024-38359 Lightning Network Daemon Onion Bomb

6.5CVSS0.0018EPSS

Exploits0References5

Github Security Blog•added 2022/11/18 6:50 p.m.•32 views

Witness Block Parsing DoS Vulnerability

Impact All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on...

8.2CVSS6.2AI score0.00646EPSS

Exploits1References6Affected Software1

OSV•added 2022/11/18 6:50 p.m.•9 views

GHSA-HC82-W9V8-83PR Witness Block Parsing DoS Vulnerability

8.2CVSS7AI score0.00646EPSS

Exploits1References6

NVD•added 2022/11/17 10:15 p.m.•9 views

CVE-2022-39389

Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...

8.2CVSS0.00646EPSS

Exploits1References4

Prion•added 2022/11/17 10:15 p.m.•9 views

Design/Logic Flaw

6.4CVSS6.3AI score0.00646EPSS

Exploits1References4Affected Software2

CVE•added 2022/11/17 12:0 a.m.•53 views

CVE-2022-39389

CVE-2022-39389 (lnd) affects Lightning Network Daemon (lnd) prior to v0.15.4. The vulnerability is a block parsing bug that can cause a node to enter a degraded state after processing certain blocks. In this state, a node can still forward HTLCs and make payments but cannot open channels, and on-...

8.2CVSS6.7AI score0.00646EPSS

Exploits1References4Affected Software2

OSV•added 2022/11/08 4:49 p.m.•31 views

GO-2022-1098 Denial of service in message decoding in github.com/btcsuite/btcd

Erroneous message decoding can cause denial of service. Improper checking of maximum witness size during node message decoding prevented nodes in Lightning Labs lnd before 0.15.2-beta to sync...

9.8CVSS9.2AI score0.00726EPSS

Exploits1References4

Github Security Blog•added 2022/11/07 12:0 p.m.•25 views

btcd mishandles witness size checking

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking. Specific Go Packages Affected github.com/btcsuite/btcd/wire...

9.8CVSS8.9AI score0.00726EPSS

Exploits1References8Affected Software2

OSV•added 2022/11/07 12:0 p.m.•14 views

GHSA-2CHG-86HQ-7W38 btcd mishandles witness size checking

9.8CVSS9.4AI score0.00726EPSS

Exploits1References8

OSV•added 2022/11/07 4:15 a.m.•9 views

CVE-2022-44797

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...

9.8CVSS9.5AI score

Exploits0References4

UbuntuCve•added 2022/11/07 4:15 a.m.•25 views

CVE-2022-44797

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...

9.8CVSS7.2AI score0.00726EPSS

Exploits1References5

CVE•added 2022/11/07 12:0 a.m.•61 views

CVE-2022-44797

CVE-2022-44797 affects btcd before 0.23.2 (used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin products) due to mishandling of witness size checking, enabling high-impact network exploitation. The CVSSv3.1 base score is 9.8 (CRITICAL) with full confidentiality, integrity, and availabi...

9.8CVSS9.3AI score0.00726EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2022/11/07 12:0 a.m.•8 views

CVE-2022-44797

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...

6.8AI score0.00726EPSS

Exploits1References4

OSV•added 2021/10/04 5:15 p.m.•3 views

CVE-2021-41593

Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure...

8.6CVSS7.1AI score

Exploits0References6