Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-0264

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00097EPSS
Exploits1References5
OSV
OSVadded 2025/01/14 4:34 p.m.1 views

GHSA-VGF2-GVX8-XWC3 Vyper Does Not Check the Success of Certain Precompile Calls

Summary When the Vyper Compiler uses the precompiles EcRecover 0x1 and Identity 0x4, the success flag of the call is not checked. As a consequence an attacker can provide a specific amount of gas to make these calls fail but let the overall execution continue. Then the execution result can be...

2.3CVSS6.3AI score0.00776EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.2 views

PT-2025-4296 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions 0.2.0 through 0.4.0 Description: The Vyper Compiler has a vulnerability when using the precompiles EcRecover 0x1 and Identity 0x4, where the success flag of the call is not checked. This allows an attacker to provide a specific...

7.5CVSS6.9AI score0.00776EPSS
Exploits1References11
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.3 views

Vyper 安全漏洞

Vyper is a Pythonic smart contract language for EVM open sourced by vyperlang. A security vulnerability exists in Vyper 0.4.0 and earlier versions, which stems from the compiler failing to check the success flag of a call when using pre-compiled EcRecover and Identity, which could lead to incorre...

7.5CVSS6.4AI score0.00776EPSS
Exploits1References5
OSV
OSVadded 2023/07/25 8:5 p.m.9 views

CVE-2023-37902 Vyper's ecrecover can return undefined data if signature does not verify

Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine EVM. Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means...

5.3CVSS5.5AI score0.00097EPSS
Exploits1References4
Github Security Blog
Github Security Blogadded 2023/07/25 5:46 p.m.27 views

ecrecover can return undefined data if signature does not verify

Impact the ecrecover precompile does not fill the output buffer if the signature does not verify, see https://github.com/ethereum/go-ethereum/blob/b058cf454b3bdc7e770e2b3cec83a0bcb48f55ee/core/vm/contracts.goL188. however, the ecrecover builtin will still return whatever is at memory location 0...

5.3CVSS5.4AI score0.00097EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologiesadded 2023/07/25 12:0 a.m.1 views

PT-2023-26172 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.3.10 Description: The ecrecover precompile in Vyper does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means that...

6.9CVSS5.2AI score0.00097EPSS
Exploits1References9
Rows per page
Query Builder