Satoshi Nakamoto

5 exploits Active since Jul 2018
CVE-2016-10724 WRITEUP HIGH WORKING POC
Bitcoin Core < 0.13.0 - Denial of Service
Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote network alert system (deprecated since Q1 2016) if an attacker can sign a message with a certain private key that had been known by unintended actors, because of an infinitely sized map. This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins.
CVSS 7.5
CVE-2016-10725 WRITEUP HIGH WORKING POC
Bitcoin Core < 0.13.0 - Cryptographic Issue
In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavior occurs in the remote network alert system (deprecated since Q1 2016). This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins.
CVSS 7.5
CVE-2019-7167 WRITEUP HIGH WRITEUP
Zcash <2018-10-28 - Privilege Escalation
Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover to bypass a consistency check, and consequently transform the proof of one statement into an ostensibly valid proof of a different statement, thereby breaking the soundness of the proof system. This misled the original Sprout zk-SNARK verifier into accepting the correctness of a transaction.
CVSS 7.5
CVE-2021-37491 WRITEUP HIGH WRITEUP
Dogecoin Core <1.14.3 - Info Disclosure
An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function.
CVSS 7.5
CVE-2021-37492 WRITEUP HIGH WRITEUP
Ravencoin Core <4.3.2.1 - Info Disclosure
An issue discovered in src/wallet/wallet.cpp in Ravencoin Core 4.3.2.1 and earlier allows attackers to view sensitive information via CWallet::CreateTransactionAll() function.
CVSS 7.5