Vulnerabilities > Binance
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-08 | CVE-2024-23660 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Binance Trust Wallet 0.0.4 The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 2023. | 7.5 |
2020-04-23 | CVE-2020-12118 | Incorrect Default Permissions vulnerability in Binance Tss-Lib 1.0.0/1.1.0/1.1.1 The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties. | 8.2 |