150 matches found
Binance 安全漏洞
Binance is a cryptocurrency trading platform from Binance. Binance suffers from a security vulnerability that stems from a misconfiguration of the fingerprint authentication mechanism, which allows an attacker to bypass authentication when adding a new fingerprint...
CVE-2024-31695
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...
CVE-2024-31695
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...
PT-2024-24190 · Binance · Binance
Name of the Vulnerable Software and Affected Versions: Binance: BTC, Crypto and NFTS version 2.85.4 Description: A misconfiguration in the fingerprint authentication mechanism allows attackers to bypass authentication when adding a new fingerprint. Recommendations: For version 2.85.4, consider...
Keygen Protocol Exploitation
The Binance tss-lib is vulnerable to keygen protocol exploitation. The vulnerability is due to inadequate validation of the h1 and h2 parameters within the keygen protocol implementation, allows attackers to craft malicious parameters that can exploit the signing round process...
编号撤回
BSC Smart Contract is a high-performance blockchain network from BSC. This CVE number has been withdrawn...
GO-2022-0769 Incorrect Default Permissions in Binance tss-lib in github.com/binance-chain/tss-lib
Incorrect Default Permissions in Binance tss-lib in github.com/binance-chain/tss-lib...
Malicious code in Binance.Library (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4308 Malicious code in Binance.Library (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Binance.Libary (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Binance’s Top Crypto Crime Investigator Is Being Detained in Nigeria
Tigran Gambaryan, a former crypto-focused US federal agent, and a second Binance executive, Nadeem Anjarwalla, have been held in Abuja without passports for two weeks...
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users
A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that's designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on SSO pages, the...
CVE-2024-23660
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...
CVE-2024-23660
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...
Design/Logic Flaw
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...
CVE-2024-23660
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...
Binance Trust Wallet app Security Feature Issue Vulnerability
Binance Trust Wallet app is an application by Binance to securely send, receive and store Bitcoin and many other cryptocurrencies and digital assets. A security signature issue vulnerability exists in previous versions of the Binance Trust Wallet app iOS 3cd6e8f647fbba8b5d8844fcd144365a086b629f,...
PT-2024-20010 · Trezor +1 · Trezor-Crypto +1
Name of the Vulnerable Software and Affected Versions: Binance Trust Wallet app for iOS version 0.0.4 Description: The Binance Trust Wallet app for iOS misuses the trezor-crypto library, generating mnemonic words that use the device time as the only entropy source. This has led to economic losses...
VulnCheck KEV: CVE-2024-23660
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July...
CVE-2024-23660
The CVE-2024-23660 entry concerns Binance Trust Wallet for iOS (version 0.0.4). The root cause is misuse of the trezor-crypto library, causing mnemonic words to be generated with device time as the sole entropy source. This leads to predictable mnemonics and potential theft of funds, with real-wo...