Lucene search
+L

11 matches found

OSV
OSV
added 2026/01/20 12:0 a.m.7 views

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS5.8AI score0.00348EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.10 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS6.5AI score0.00552EPSS
Exploits1References1
NVD
NVD
added 2024/02/08 8:15 p.m.31 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References2
OSV
OSV
added 2024/02/08 8:15 p.m.7 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS5.8AI score0.00552EPSS
Exploits1References2
Prion
Prion
added 2024/02/08 8:15 p.m.22 views

Design/Logic Flaw

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

5CVSS7AI score0.00552EPSS
Exploits1References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/02/08 12:0 a.m.10 views

VulnCheck KEV: CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July...

7.5CVSS7.1AI score0.00552EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/08 12:0 a.m.37 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.4AI score0.00552EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/02/08 12:0 a.m.12 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.2AI score0.00552EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.9 views

Binance Trust Wallet app Security Feature Issue Vulnerability

Binance Trust Wallet app is an application by Binance to securely send, receive and store Bitcoin and many other cryptocurrencies and digital assets. A security signature issue vulnerability exists in previous versions of the Binance Trust Wallet app iOS 3cd6e8f647fbba8b5d8844fcd144365a086b629f,...

7.5CVSS6.7AI score0.00552EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.8 views

PT-2024-20010 · Trezor +1 · Trezor-Crypto +1

Name of the Vulnerable Software and Affected Versions: Binance Trust Wallet app for iOS version 0.0.4 Description: The Binance Trust Wallet app for iOS misuses the trezor-crypto library, generating mnemonic words that use the device time as the only entropy source. This has led to economic losses...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References7
CVE
CVE
added 2024/02/08 12:0 a.m.76 views

CVE-2024-23660

The CVE-2024-23660 entry concerns Binance Trust Wallet for iOS (version 0.0.4). The root cause is misuse of the trezor-crypto library, causing mnemonic words to be generated with device time as the sole entropy source. This leads to predictable mnemonics and potential theft of funds, with real-wo...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder