Lucene search
K

150 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/24 2:25 p.m.5 views

Malicious code in binance-dev (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSV
OSV
added 2025/07/24 2:25 p.m.3 views

MAL-2025-6277 Malicious code in binance-dev (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/24 2:23 p.m.2 views

MAL-2025-6278 Malicious code in binance-internals (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/24 2:23 p.m.3 views

Malicious code in binance-internals (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.9 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS6.5AI score0.00552EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:33 a.m.8 views

CVE-2024-31695

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...

9.8CVSS7.1AI score0.00694EPSS
Exploits0References1
OSV
OSV
added 2025/02/28 3:57 p.m.3 views

MAL-2025-1575 Malicious code in binance-connector-ruby (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41e39728f8654e35cb29f5b837a886f3a5a9ff0dd9b523fc1777672083ae645d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/28 3:57 p.m.3 views

Malicious code in binance-connector-ruby (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41e39728f8654e35cb29f5b837a886f3a5a9ff0dd9b523fc1777672083ae645d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/23 9:22 p.m.15 views

CVE-2025-27106

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

8.8CVSS8.1AI score0.01874EPSS
Exploits0References1
NVD
NVD
added 2025/02/21 10:15 p.m.12 views

CVE-2025-27106

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

8.8CVSS0.01874EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/21 9:18 p.m.8 views

CVE-2025-27106 Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

7.7CVSS9.2AI score0.01874EPSS
Exploits0References3
OSV
OSV
added 2025/02/21 9:18 p.m.8 views

CVE-2025-27106 Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

7.7CVSS8.2AI score0.01874EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/21 9:18 p.m.25 views

CVE-2025-27106 Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

7.7CVSS0.01874EPSS
Exploits0References3
CVE
CVE
added 2025/02/21 9:18 p.m.57 views

CVE-2025-27106

Summary: The vulnerability CVE-2025-27106 affects binance-trading-bot. Authenticated users can trigger a command injection via the "/restore" endpoint, where the uploaded file name is passed to shell.exec without sufficient sanitization, enabling Remote Code Execution on the host. Root cause: Ina...

8.8CVSS7.8AI score0.01874EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/21 12:0 a.m.6 views

PT-2025-7632 · Unknown · Binance-Trading-Bot

Name of the Vulnerable Software and Affected Versions: binance-trading-bot versions prior to 0.0.100 Description: The binance-trading-bot is an automated Binance trading bot with a trailing buy/sell strategy. Authenticated users can achieve Remote Code Execution on the host system due to a comman...

8.8CVSS8.2AI score0.01874EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/02/21 12:0 a.m.3 views

Binance Trading Bot 安全漏洞

Binance Trading Bot is an automated trading bot by Chris Lee, a personal developer. A security vulnerability exists in Binance Trading Bot that stems from a command injection vulnerability contained in the /restore port...

8.8CVSS7.3AI score0.01874EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/10 12:31 a.m.4 views

Malicious code in binance-toolbox-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a585655865db20c2d6f9419d9c516d93d59ac420d066bda570716d917933605 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/12/10 12:31 a.m.3 views

MAL-2024-12138 Malicious code in binance-toolbox-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a585655865db20c2d6f9419d9c516d93d59ac420d066bda570716d917933605 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
NVD
NVD
added 2024/11/14 10:15 p.m.25 views

CVE-2024-31695

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...

9.8CVSS0.00694EPSS
Exploits0References1
CVE
CVE
added 2024/11/14 12:0 a.m.49 views

CVE-2024-31695

CVE-2024-31695 affects Binance’s BTC, Crypto and NFTS v2.85.4. A misconfiguration in the fingerprint authentication mechanism allows bypass when adding a new fingerprint. Documented in multiple feeds (NVD/Red Hat/CNNVD) with a critical CVSS v3.1 score (9.8, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). C...

9.8CVSS7.2AI score0.00694EPSS
Exploits0References1
Rows per page
Query Builder