16 matches found
EUVD-2018-1832
Malware in sbrugna...
EUVD-2025-32167
Malicious code in bioql PyPI...
Malicious Package
Overview cryptonote-util is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in cryptonote-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e46ce76ad9b7ee6d4bae5c3df244aa971d9cff8544866bbc48c06f4d0231fd20 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47884 Malicious code in cryptonote-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e46ce76ad9b7ee6d4bae5c3df244aa971d9cff8544866bbc48c06f4d0231fd20 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CryptoNote Security Vulnerability
CryptoNote is a cryptocurrency system. A security vulnerability exists in CryptoNote version 0.8.9, which stems from the program not requiring authentication. The vulnerability can be exploited by a remote attacker to execute commands and take control of a cryptocurrency wallet via a web page...
CryptoNote Security Vulnerability
CryptoNote is a cryptocurrency system. A security vulnerability exists in CryptoNote version 0.8.9, which stems from the program not requiring authentication. The vulnerability can be exploited by a remote attacker to execute commands and take control of a cryptocurrency wallet via a web page...
Monero: CryptoNote: remote node DoS
Summary: Remote node DoS. See patch below. Releases Affected: All Monero versions, including the recent v0.14.0.2. Possibly all CryptoNote implementations that aren't Zano. Steps To Reproduce: Since this is currently a theoretical attack, non-code PoC detailed in the patch below. Supporting...
Monero: Locked_Transfer functional burning
Summary: Using the lockedtransfer command in the monero-wallet-cli users can send outputs with high lock times like 1,000,000 blocks. A vendor will accept these transactions with no warnings and credit a user balance. The user can now withdrawal or sell this balance and the vendor is left with...
Epee Levin Packet Deserialization Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Levin deserialization functionality of the epee library. A specially crafted network packet can cause a logic flaw, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Tested Versions Monero...
CryptoNote Command Execution Vulnerability
CryptoNote is a cryptocurrency system. A security vulnerability exists in CryptoNote version 0.8.9, which stems from the program not requiring authentication. A remote attacker could exploit the vulnerability to execute commands and take control of a cryptocurrency wallet via a web page hosting...
CVE-2018-1000093
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet ...
CVE-2018-1000093
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet ...
Authentication flaw
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet ...
CVE-2018-1000093
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet ...
CVE-2018-1000093
CryptoNote is reported to have a local RPC server (walletd/simplewallet) that does not require authentication in CryptoNote v0.8.9 and possibly later. This allows a remote attacker to issue commands to the RPC daemons, potentially leading to remote command execution and takeover of the cryptocurr...