Vulnerabilities > Bitcoin > Bitcoin Core > 0.12.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-09 CVE-2023-50428 In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023.
network
low complexity
bitcoin bitcoinknots
5.3
2023-05-22 CVE-2023-33297 Resource Exhaustion vulnerability in Bitcoin Core
Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.
network
low complexity
bitcoin CWE-400
7.5
2021-01-26 CVE-2021-3195 Improper Input Validation vulnerability in Bitcoin Core
bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call.
network
low complexity
bitcoin CWE-20
7.5
2020-03-16 CVE-2017-12842 Improper Input Validation vulnerability in Bitcoin Core
Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur.
network
low complexity
bitcoin CWE-20
7.5
2020-03-12 CVE-2018-20586 Improper Encoding or Escaping of Output vulnerability in Bitcoin Core
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
network
low complexity
bitcoin CWE-116
5.3
2020-03-12 CVE-2017-18350 Classic Buffer Overflow vulnerability in Bitcoin Core
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used.
network
high complexity
bitcoin CWE-120
5.9
2019-02-11 CVE-2018-20587 Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control.
local
low complexity
bitcoinknots bitcoin
5.5
2018-07-05 CVE-2016-10725 Cryptographic Issues vulnerability in Bitcoin Core
In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order.
network
low complexity
bitcoin CWE-310
7.5
2018-07-05 CVE-2016-10724 Resource Exhaustion vulnerability in Bitcoin Core
Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote network alert system (deprecated since Q1 2016) if an attacker can sign a message with a certain private key that had been known by unintended actors, because of an infinitely sized map.
network
low complexity
bitcoin CWE-400
7.5