Lucene search
K

150 matches found

CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Binance 安全漏洞

Binance is a cryptocurrency trading platform from Binance. Binance suffers from a security vulnerability that stems from a misconfiguration of the fingerprint authentication mechanism, which allows an attacker to bypass authentication when adding a new fingerprint...

9.8CVSS7AI score0.00694EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/14 12:0 a.m.11 views

CVE-2024-31695

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...

9.6AI score0.00694EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/14 12:0 a.m.15 views

CVE-2024-31695

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...

0.00694EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.7 views

PT-2024-24190 · Binance · Binance

Name of the Vulnerable Software and Affected Versions: Binance: BTC, Crypto and NFTS version 2.85.4 Description: A misconfiguration in the fingerprint authentication mechanism allows attackers to bypass authentication when adding a new fingerprint. Recommendations: For version 2.85.4, consider...

9.8CVSS7.5AI score0.00694EPSS
Exploits0References5
Veracode
Veracode
added 2024/09/30 4:49 p.m.10 views

Keygen Protocol Exploitation

The Binance tss-lib is vulnerable to keygen protocol exploitation. The vulnerability is due to inadequate validation of the h1 and h2 parameters within the keygen protocol implementation, allows attackers to craft malicious parameters that can exploit the signing round process...

8.2CVSS6.6AI score0.01247EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.5 views

编号撤回

BSC Smart Contract is a high-performance blockchain network from BSC. This CVE number has been withdrawn...

6.8AI score
Exploits0References2
OSV
OSV
added 2024/08/21 3:21 p.m.25 views

GO-2022-0769 Incorrect Default Permissions in Binance tss-lib in github.com/binance-chain/tss-lib

Incorrect Default Permissions in Binance tss-lib in github.com/binance-chain/tss-lib...

8.2CVSS8.2AI score0.01247EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.3 views

Malicious code in Binance.Library (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSV
OSV
added 2024/06/25 1:27 p.m.4 views

MAL-2024-4308 Malicious code in Binance.Library (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.2 views

Malicious code in Binance.Libary (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2024/03/12 4:3 a.m.18 views

Binance’s Top Crypto Crime Investigator Is Being Detained in Nigeria

Tigran Gambaryan, a former crypto-focused US federal agent, and a second Binance executive, Nadeem Anjarwalla, have been held in Abuja without passports for two weeks...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/01 1:32 p.m.40 views

New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users

A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that's designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on SSO pages, the...

7.5AI score
Exploits0
OSV
OSV
added 2024/02/08 8:15 p.m.6 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS5.8AI score0.00552EPSS
Exploits1References2
NVD
NVD
added 2024/02/08 8:15 p.m.30 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References2
Prion
Prion
added 2024/02/08 8:15 p.m.20 views

Design/Logic Flaw

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

5CVSS7AI score0.00552EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/08 12:0 a.m.11 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.2AI score0.00552EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.7 views

Binance Trust Wallet app Security Feature Issue Vulnerability

Binance Trust Wallet app is an application by Binance to securely send, receive and store Bitcoin and many other cryptocurrencies and digital assets. A security signature issue vulnerability exists in previous versions of the Binance Trust Wallet app iOS 3cd6e8f647fbba8b5d8844fcd144365a086b629f,...

7.5CVSS6.7AI score0.00552EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.6 views

PT-2024-20010 · Trezor +1 · Trezor-Crypto +1

Name of the Vulnerable Software and Affected Versions: Binance Trust Wallet app for iOS version 0.0.4 Description: The Binance Trust Wallet app for iOS misuses the trezor-crypto library, generating mnemonic words that use the device time as the only entropy source. This has led to economic losses...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References7
VulnCheck KEV
VulnCheck KEV
added 2024/02/08 12:0 a.m.9 views

VulnCheck KEV: CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July...

7.5CVSS7.1AI score0.00552EPSS
Exploits1References1
CVE
CVE
added 2024/02/08 12:0 a.m.70 views

CVE-2024-23660

The CVE-2024-23660 entry concerns Binance Trust Wallet for iOS (version 0.0.4). The root cause is misuse of the trezor-crypto library, causing mnemonic words to be generated with device time as the sole entropy source. This leads to predictable mnemonics and potential theft of funds, with real-wo...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder