1250 matches found
CVE-2023-37902 Vyper's ecrecover can return undefined data if signature does not verify
Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine (EVM). Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means...
CVE-2023-37902
Vyper (Pythonic language for the EVM) has a vulnerability in the ecrecover precompile prior to version 0.3.10, where the output buffer may contain undefined data if a signature does not verify. The ecrecover builtin can still return memory contents at address 0, potentially causing a signature ch...
[SECURITY] Fedora 38 Update: golang-1.20.6-1.fc38
The Go Programming Language...
New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries
A new malware strain has been found covertly targeting small office/home office (SOHO) routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries. Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such...
Important: Red Hat Security Advisory: python38:3.8 and python38-devel:3.8 security update
An update for the python38:3.8 and python38-devel:3.8 modules is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
Important: Red Hat Security Advisory: python39:3.9 and python39-devel:3.9 security update
An update for the python39:3.9 and python39-devel:3.9 modules is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat...
PT-2023-36216 · Google +1 · Go +1
Name of the Vulnerable Software and Affected Versions: amazon-ecs-init (affected versions not specified). Description: The issue is related to a security release in the Go programming language, version 1.20. The update of amazon-ecs-init is intended to address this issue by rebuilding the package wi...
PT-2023-36207 · Rekor · Rekor
Name of the Vulnerable Software and Affected Versions: rekor (affected versions not specified). Description: The issue is related to a security release in the Go programming language, specifically version 1.20. The problem is addressed by rebuilding the rekor package with this security release...
PT-2023-36211 · Hashicorp · Terraform-Provider-Aws
Name of the Vulnerable Software and Affected Versions: terraform-provider-aws (affected versions not specified). Description: The issue is related to a security release in the Go programming language, version 1.20. The terraform-provider-aws package has been rebuilt to incorporate this security...
PT-2023-36206 · Buildah +1 · Buildah +1
Name of the Vulnerable Software and Affected Versions: buildah (affected versions not specified). Description: The issue is related to a security release in the Go programming language, version 1.20. The buildah package has been rebuilt with this security release to address the issue. There is no...
SUSE-SU-2023:2297-2 Security update for golang-github-vpenso-prometheus_slurm_exporter
This update of golang-github-vpenso-prometheus_slurm_exporter fixes the following issues: - rebuild the package with the go 1.19 security release (bsc#1200441, bsc#1209658)...
DLA-3469-1 lua5.3 - security update
Bulletin has no description...
Important: Red Hat Security Advisory: python38:3.8 and python38-devel:3.8 security update
An update for the python38:3.8 and python38-devel:3.8 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
[SECURITY] Fedora 37 Update: golang-1.19.10-1.fc37
The Go Programming Language...
Important: python38:3.8 and python38-devel:3.8 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs...
Fedora: Security Advisory for golang (FEDORA-2023-802ea02cf1)
The remote host is missing an update for the...
ROS-20230619-05
A vulnerability in the pip module of the Python programming language is related to incorrect input validation in the Policy component (python-pip) in Oracle Communications Cloud Native Core Policy. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate data. The...
[SECURITY] Fedora 38 Update: golang-1.20.5-1.fc38
The Go Programming Language...
The vulnerability of the Cgo module in the Go programming language, allowing attackers to execute arbitrary code
The vulnerability of the Cgo module in the Go programming language is related to incorrect code generation during the processing of directory names. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...