EUVD-2023-45146

Malicious code in bioql PyPI...

CVE-2023-40580

Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1...

CVE-2023-40580 Freighter mnemonic phrase may be accessed by Javascript through a private API

Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1...

ShapeShift KeepKey 缓冲区错误漏洞

ShapeShift KeepKey is an e-wallet device for cryptocurrency storage. A security vulnerability exists in ShapeShift KeepKey versions prior to 7.7.0 that stems from insufficient length checking, allowing an attacker to extract the BIP39 mnemonic from a hardware wallet via a crafted message that...

CVE-2022-32969

MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue...