Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crypto vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3249
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hidden_form_data' function. This makes it possible f...
Miniorange Web3 - Crypto Wallet Login \\& Nft Token Gating
NA
CVE-2023-21179
In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ...
Google Android 13.0
NA
CVE-2023-21115
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....
Google Android 11.0
Google Android 12.0
Google Android 12.1
NA
CVE-2020-36732
The crypto-js package prior to 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary.
Crypto-js Project Crypto-js
2 Github repositories
NA
CVE-2023-29402
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules wh...
Golang Go
Fedoraproject Fedora 38
NA
CVE-2023-29403
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is execute...
Golang Go
Fedoraproject Fedora 38
1 Github repository
NA
CVE-2023-29404
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAG...
Golang Go
Fedoraproject Fedora 38
NA
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAG...
Golang Go
Fedoraproject Fedora 38
NA
CVE-2023-33613
axTLS v2.1.5 exists to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) when parsing a private key.
Axtls Project Axtls 2.1.5
NA
CVE-2023-32691
gost (GO Simple Tunnel) is a simple tunnel written in golang. Sensitive secrets such as passwords, token and API keys should be compared only using a constant-time comparison function. Untrusted input, sourced from a HTTP header, is compared directly with a secret. Since this com...
Go Simple Tunnel Project Go Simple Tunnel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »