7 matches found
CVE-2021-31616
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...
EUVD-2022-52274
Malicious code in bioql PyPI...
CVE-2022-30330
In the KeepKey firmware before 7.3.2,Flaws in the supervisor interface can be exploited to bypass important security restrictions on firmware operations. Using these flaws, malicious firmware code can elevate privileges, permanently make the device inoperable or overwrite the trusted bootloader...
CVE-2022-30330
In the KeepKey firmware before 7.3.2,Flaws in the supervisor interface can be exploited to bypass important security restrictions on firmware operations. Using these flaws, malicious firmware code can elevate privileges, permanently make the device inoperable or overwrite the trusted bootloader...
KeepKey firmware 输入验证错误漏洞
KeepKey firmware is an open source KeepKey device firmware from KeepKey USA. A security vulnerability exists in KeepKey versions prior to 7.3.2, which stems from lib/board/supervise.c incorrectly handling the svhandlerflash address range check...
PT-2022-20066 · Keepkey · Keepkey
Name of the Vulnerable Software and Affected Versions: KeepKey firmware versions prior to 7.3.2 Description: The issue is related to flaws in the supervisor interface of the KeepKey firmware, which can be exploited to bypass security restrictions on firmware operations. This can allow malicious...
CVE-2021-31616
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...