Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-0181

Malicious code in bioql PyPI...

5.3CVSS4.7AI score0.00364EPSS
Exploits1References7
RedhatCVE
RedhatCVEadded 2025/05/23 10:41 a.m.4 views

CVE-2024-24564

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

5.3CVSS6.6AI score0.00364EPSS
Exploits1References1
Veracode
Veracodeadded 2024/02/28 5:29 a.m.21 views

Out-of-bounds Read

vyper is vulnerable to Out-of-bounds Read. The vulnerability is due to a flaw in the extract32 function, where providing a start index that updates the byte array may result in reading and returning dirty memory...

5.3CVSS6.7AI score0.00364EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2024/02/26 8:19 p.m.6 views

CVE-2024-24564

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

5.3CVSS4AI score0.00364EPSS
Exploits1References2
OSV
OSVadded 2024/02/26 8:19 p.m.4 views

PYSEC-2024-205

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

5.3CVSS5AI score0.00364EPSS
Exploits1References3
PyPA
PyPAadded 2024/02/26 8:19 p.m.6 views

PYSEC-2024-205

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

5.3CVSS6.8AI score0.00364EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2024/02/26 8:16 p.m.14 views

CVE-2024-24564 Vyper extract32 can ready dirty memory

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

3.7CVSS3.8AI score0.00364EPSS
Exploits1References2
CVE
CVEadded 2024/02/26 8:16 p.m.115 views

CVE-2024-24564

Vyper CVE-2024-24564 describes a memory-safety issue with extract32(b, start): if the start argument can mutate b, extracting 32 bytes may read and return dirty memory. The defect affects older Vyper versions (e.g., 0.3.10 and earlier) and is fixed in 0.4.0. Red Hat and other sources list the sam...

5.3CVSS3.8AI score0.00364EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2024/02/26 8:16 p.m.4 views

CVE-2024-24564 Vyper extract32 can ready dirty memory

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

3.7CVSS4.7AI score0.00364EPSS
Exploits1References4
OSV
OSVadded 2024/02/26 8:11 p.m.13 views

GHSA-4HWQ-4CPM-8VMX Vyper's `extract32` can ready dirty memory

Summary When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. As of v0.4.0 specifically, commit...

3.7CVSS4.6AI score0.00364EPSS
Exploits1References7
Github Security Blog
Github Security Blogadded 2024/02/26 8:11 p.m.20 views

Vyper's `extract32` can ready dirty memory

Summary When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. As of v0.4.0 specifically, commit...

5.3CVSS3.9AI score0.00364EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologiesadded 2024/02/26 12:0 a.m.2 views

PT-2024-20455 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.4.0 Description: The issue arises when using the built-in extract32b, start function in Vyper, a pythonic Smart Contract Language for the Ethereum virtual machine. If the start index provided has a side effect that...

5.3CVSS7.2AI score0.00364EPSS
Exploits1References13
CNNVD
CNNVDadded 2024/02/26 12:0 a.m.2 views

Vyper Security Vulnerability

Vyper is a Pythonic smart contract language for EVM open sourced by vyperlang. A security vulnerability exists in Vyper 0.3.10 and earlier versions, which stems from the fact that extract32 may read and return some dirty memory when using the built-in index...

5.3CVSS6.7AI score0.00364EPSS
Exploits1References3
Rows per page
Query Builder