[SECURITY] Fedora 38 Update: openmpi-4.1.4-9.fc38

Open MPI is an open source, freely available implementation of both the MPI-1 and MPI-2 standards, combining technologies and resources from several other projects FT-MPI, LA-MPI, LAM/MPI, and PACX-MPI in order to build the best MPI library available. A completely new MPI-2 compliant...

Nexkey Authorization Issues Vulnerability

Nexkey is an open source, decentralized social media platform for nexryai individual developers. An authorization issue vulnerability exists in Nexkey versions prior to 12.121.9 that stems from allowing an attacker to bypass authentication to access the job queue dashboard...

Malicious code in pyhulul (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f22a13d592f8a4de9eaf39b1c4c0c149232890e90dc5cff2988d49901d31a3e2 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

MAL-2023-8576 Malicious code in pyjio (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 26d9b6377460b59c1e31da04bf9acd401bd082c4911c43dbe41a60d55d65904a Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

[SECURITY] Fedora 38 Update: libwebp-1.3.2-2.fc38

WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...

MAL-2023-8575 Malicious code in pyioler (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b5a0ae31e85484643163bd7b0da8800b531141a1e5d14a97f534b2bfdbefb531 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2023-5217...

Malicious code in pyalsogkert (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx db76c02045b01626113fc566fbbcd5f7fd5ccbd230e7e5c6dc0ed090a712c9b1 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in pytasler (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9209d9bf3f5a8205e05d9cb3e590cb8ad8cdf90cedb528dd047828c38b308361 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

MAL-2023-8588 Malicious code in pytasler (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9209d9bf3f5a8205e05d9cb3e590cb8ad8cdf90cedb528dd047828c38b308361 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

MAL-2023-8566 Malicious code in kokokoako (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 037e7b78b81b8740ce2627e91bec2d913cb5ef310bf3d7a80046fee57dd42162 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in kokokoako (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 037e7b78b81b8740ce2627e91bec2d913cb5ef310bf3d7a80046fee57dd42162 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

CVE-2015-6964

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. Attackers cannot realistically steal these fees for themselves. This occurs because there is no message authenticati...

Malicious code in pykokalalz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ea135d81e5fdfe2d80397f1d6a5b8d0003b8c91632b9dd89163b6b5817e3684e Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

MAL-2023-8574 Malicious code in pyioapso (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ddface0422e0d25912e1810f515798f9258e861b2f6d89a9514856d598a5395f Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

CVE-2015-6964

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. Attackers cannot realistically steal these fees for themselves. This occurs because there is no message authenticati...

MAL-2023-8578 Malicious code in pykokalalz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ea135d81e5fdfe2d80397f1d6a5b8d0003b8c91632b9dd89163b6b5817e3684e Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

MAL-2023-8572 Malicious code in pyhjdddo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ac1a1233d8897ffaa72bc15d95e9f16517f66801df9f3eee30f97a8dc675d7bf Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in pyhjdddo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ac1a1233d8897ffaa72bc15d95e9f16517f66801df9f3eee30f97a8dc675d7bf Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

MAL-2023-8580 Malicious code in pyktrkatoo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a5fdb3eb98d4eda70237ca547bc7f49c932b195449c4c4faa4ffdaf5c78f1908 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...