Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19 matches found

NVD
NVDadded 2026/05/20 4:16 p.m.3 views

CVE-2023-7346

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS0.00016EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/20 2:13 p.m.3 views

CVE-2023-7346

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.00016EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/05/20 2:13 p.m.29 views

CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS0.00016EPSS
Exploits0References2
CVE
CVEadded 2026/05/20 2:13 p.m.7 views

CVE-2023-7346

Technical details (affected versions, exploit methods, mitigations) are not publicly provided in the supplied documents. Monitor for updates from official sources.

4.1CVSS5.8AI score0.00016EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/20 2:13 p.m.3 views

EUVD-2023-60577

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.00016EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/20 2:13 p.m.2 views

CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.00016EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.4 views

PT-2026-42182

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...

4.1CVSS5.8AI score0.00016EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/23 7:20 a.m.3 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

7.5CVSS6.9AI score0.00062EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/04/24 12:0 a.m.1 views

PT-2025-17866 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A critical bug in the Rust-Miniscript satisfier causes crashes when compiling certain threshold descriptors, such as 3-of-3 with mixed conditions. No funds were lost due to this issue...

6.4AI score
Exploits0References4
Github Security Blog
Github Security Blogadded 2024/08/19 3:30 a.m.11 views

Miniscript allows stack consumption

The Miniscript aka rust-miniscript library for Rust allows stack consumption because it does not properly track tree depth...

7.5CVSS7.6AI score0.00062EPSS
Exploits0References11Affected Software1
vulnersOsv
vulnersOsvadded 2024/08/19 3:30 a.m.1 views

baru (>=0.2.0 <=0.4.0), bdk (>=0.2.0 <=1.0.0-alpha.9) +105 more potentially affected by CVE-2024-44073 via miniscript (>=0.12.0 <=8.0.2)

miniscript CARGO version =0.12.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.3.0, =0.6.0, =0.2.0, =0.1.0, =0.4.0, =0.3.0, =1.0.0, =0.0.1, =0.1.0, =0.3.1 and more Source cves: CVE-2024-44073 Source advisory: OSV:GHSA-RV9V-R4VM-GJ8X...

7.5CVSS5.8AI score0.00062EPSS
Exploits0
OSV
OSVadded 2024/08/19 3:30 a.m.9 views

GHSA-RV9V-R4VM-GJ8X Miniscript allows stack consumption

The Miniscript aka rust-miniscript library for Rust allows stack consumption because it does not properly track tree depth...

8.7CVSS7.5AI score0.00062EPSS
Exploits0References10
NVD
NVDadded 2024/08/19 3:15 a.m.9 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

7.5CVSS0.00062EPSS
Exploits0References3
OSV
OSVadded 2024/08/19 3:15 a.m.4 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

7.5CVSS6.9AI score
Exploits0References3
Cvelist
Cvelistadded 2024/08/19 12:0 a.m.16 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

0.00062EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/08/19 12:0 a.m.8 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

6.9AI score0.00062EPSS
Exploits0References3
CVE
CVEadded 2024/08/19 12:0 a.m.39 views

CVE-2024-44073

CVE-2024-44073 affects the Miniscript (rust-miniscript) library for Rust, with versions prior to 12.2.0. The issue is a stack consumption vulnerability caused by improper tracking of tree depth in the Miniscript parser/engine. Impact is described as stack exhaustion, with an overall CVSSv3.1 base...

7.5CVSS7.2AI score0.00062EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2024/08/19 12:0 a.m.1 views

Miniscript 安全漏洞

Miniscript is a Rust Bitcoin open source library for working with Miniscript. A security vulnerability exists in versions of Miniscript prior to 12.2.0 that stems from a failure to properly track the depth of a tree, thereby consuming the stack...

7.5CVSS6.5AI score0.00062EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/08/18 12:0 a.m.2 views

PT-2024-30937 · Unknown · Miniscript

Name of the Vulnerable Software and Affected Versions: Miniscript library versions prior to 12.2.0 Description: The issue allows stack consumption because the Miniscript library does not properly track tree depth. Recommendations: For versions prior to 12.2.0, update to version 12.2.0 or later to...

7.5CVSS7.2AI score0.00062EPSS
Exploits0References19
Rows per page
Query Builder