Malicious code in keybase-live-feed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04e37d8ed67c047350e5767575fe330037e3df4a1d2bc9a1159801b02c54a375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

openSUSE Security Advisory (openSUSE-SU-2024:0224-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0194-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for keybase-client (moderate)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2024:0194-2 Rating: moderate References: 1213928 Cross-References: CVE-2023-29408 CVSS scores: CVE-2023-29408 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-29408 SUSE: 4...

Security update for keybase-client (moderate)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2024:0224-2 Rating: moderate References: 1227167 Cross-References: CVE-2024-24792 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...

OPENSUSE-SU-2024:0224-2 Security update for keybase-client

This update for keybase-client fixes the following issues: - Update the Image dependency to address CVE-2024-24792 boo1227167...

OPENSUSE-SU-2024:0194-2 Security update for keybase-client

This update for keybase-client fixes the following issues: Update to version 6.2.8 Update client CA Fix incomplete locking in config file handling. - Update the Image dependency to address CVE-2023-29408 / boo1213928. This is done via the new update-image-tiff.patch. - Limit parallel test executi...

SUSE CVE-2018-18629

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary...

Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages

Twitter chief executive Elon Musk confirmed plans for end-to-end encryption E2EE for direct messages on the platform. The feature is part of Musk's vision for Twitter 2.0, which is expected to be what's called an "everything app." Other functionalities include longform tweets and payments,...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 by 1vere$k Just simple PoC for the Atlassian Ji...

Exploit for CVE-2022-31749

CVE-2022-31749 by 1vere$k Simple PoC-checker for CVE-2022-3174...

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 by 1vere$k Rapid7 discovered and reported a...

Exploit for CVE-2022-21907

CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...

Exploit for CVE-2021-43008

cve-2022-21907-http.sys by 1vere$k CVE-2022-21907 - Double Fre...

Keybase Information Disclosure Vulnerability (CNVD-2022-11494)

Keybase is a PGP-based social networking platform that supports end-to-end encryption. keybase is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to disclose sensitive information that should be removed from a user's file system...

CVE-2022-22779

The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...

CVE-2022-22779

The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...

Code injection

The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...

CVE-2022-22779

Summary: CVE-2022-22779 affects Keybase Clients for macOS and Windows prior to version 5.9.0. The issue is that exploded messages initiated by a user may not be properly removed if the receiving user switches to a non-chat feature and the host enters sleep before the messages are exploded, potent...

CVE-2022-22779 Retained exploded messages in Keybase clients for macOS and Windows

The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...