CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6227

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00175EPSS

Exploits0References3

RedhatCVE•added 2025/02/05 8:25 p.m.•4 views

CVE-2022-31172

OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. SignatureChecker.isValidSignatureNow is not expected to revert. However, an incorrect assumption about Solidity 0.8's abi.decode allows some cases to...

7.5CVSS6.6AI score0.00175EPSS

Exploits0References1

Code423n4•added 2023/05/26 12:0 a.m.•16 views

AmbireAccount.isValidSignature() does not cover recovery signatures

Lines of code Vulnerability details Impact A recovery key can sign for a recovery but cannot get isValidSignature to return that it is valid. Proof of Concept AmbireAccount.isValidSignature is implemented as follows function isValidSignaturebytes32 hash, bytes calldata signature external view...

6.9AI score

Exploits0

Code423n4•added 2023/05/04 12:0 a.m.•11 views

Depositors risk losing funds through StrategyManager.depositIntoStrategyWithSignature()

Lines of code Vulnerability details Impact The StrategyManager contract has two functions for depositing funds into Strategy contracts, one of them is depositIntoStrategyWithSignature which allows the caller to make a deposit and the new shares are credited to a specified staker. If the staker...

6.7AI score

Exploits0

Code423n4•added 2023/01/09 12:0 a.m.•27 views

Lack of owner verification in EIP-1271 signature check

Lines of code Vulnerability details Description In the checkSignatures there are checks that the signer is the account owner, but in the case of EIP-1271 signature check there are no such checks: // If v is 0 then it is a contract signature // When handling contract signatures the address of the...

6.7AI score

Exploits0

NVD•added 2022/07/22 4:15 a.m.•11 views

CVE-2022-31172

7.5CVSS0.00175EPSS

Exploits0References2

Prion•added 2022/07/22 4:15 a.m.•13 views

Design/Logic Flaw

5CVSS7.4AI score0.00175EPSS

Exploits0References2Affected Software1

OSV•added 2022/07/21 10:33 p.m.•18 views

GHSA-4G63-C64M-25W9 OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

Impact SignatureChecker.isValidSignatureNow is not expected to revert. However, an incorrect assumption about Solidity 0.8's abi.decode allows some cases to revert, given a target contract that doesn't implement EIP-1271 as expected. The contracts that may be affected are those that use...

7.5CVSS7.4AI score0.00175EPSS

Exploits0References3

Github Security Blog•added 2022/07/21 10:33 p.m.•39 views

OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

7.5CVSS7.2AI score0.00175EPSS

Exploits0References4Affected Software2

Cvelist•added 2022/07/21 1:55 p.m.•14 views

CVE-2022-31172 OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

7.5CVSS7.6AI score0.00175EPSS

Exploits0References2

Vulnrichment•added 2022/07/21 1:55 p.m.•5 views

CVE-2022-31172 OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

7.5CVSS7.4AI score0.00175EPSS

Exploits0References2

OSV•added 2022/07/21 1:55 p.m.•13 views

CVE-2022-31172 OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

7.5CVSS7.3AI score0.00175EPSS

Exploits0References4

Code423n4•added 2022/06/03 12:0 a.m.•17 views

Integer Overflow in Nonce Possible Via EIP 1271 Compliant Contract

Lines of code Vulnerability details Impact The current NonceManager deployed version does not expect a nonce to go as high to actually trigger an integer overflow and is therefore, unchecked. However, it is completely possible to have the nonce go as high with EIP 1271 contracts that hold the NFT...

6.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by