Bitcoin : Security Vulnerabilities, CVEs, (Code Execution)
Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web browser. NOTE: the discoverer states "I believe that this vulnerability cannot actually be exploited."
Max CVSS
9.8
EPSS Score
0.71%
Published
2021-02-04
Updated
2022-06-28
Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages.
Max CVSS
7.5
EPSS Score
0.89%
Published
2012-08-06
Updated
2020-03-18
2 vulnerabilities found