3 matches found
CVE-2023-27892
creationtimestamp| type| source ---|---|--- 2023-05-03 00:30:30+00:00| seen| Telegram/nb9grZdfWya8cDzZks4pGNvKlFnauelNDQlfU-3mXTXtA...
CVE-2023-27892
CVE-2023-27892 affects ShapeShift KeepKey hardware wallet firmware prior to 7.7.0. It stems from insufficient length checks that allow a global buffer overflow via crafted messages. The issue involves flaws in cf_confirmExecTx() within ethereum_contracts.c, which can reveal arbitrary microcontrol...
CVE-2023-27892
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...