141 matches found
CVE-2022-22779
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...
CVE-2022-22779
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...
Code injection
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...
CVE-2022-22779
Summary: CVE-2022-22779 affects Keybase Clients for macOS and Windows prior to version 5.9.0. The issue is that exploded messages initiated by a user may not be properly removed if the receiving user switches to a non-chat feature and the host enters sleep before the messages are exploded, potent...
CVE-2022-22779 Retained exploded messages in Keybase clients for macOS and Windows
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...
Keybase 信息泄露漏洞
Keybase is a PGP-based social networking platform that supports end-to-end encryption. keybase is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to disclose sensitive information that should be removed from a user's file system...
PT-2022-15670 · Keybase · Keybase Client
Name of the Vulnerable Software and Affected Versions: Keybase Clients for macOS and Windows versions prior to 5.9.0 Description: The issue arises when a user initiates exploded messages, and the receiving user switches to a non-chat feature, putting the host in a sleep state before the messages...
CVE-2022-22779
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...
CVE-2021-34426
A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user's Git repository could leverage this vulnerability to...
CVE-2021-34426
A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user's Git repository could leverage this vulnerability to...
Command injection
A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user's Git repository could leverage this vulnerability to...
CVE-2021-34426
Affected product: Keybase Client for Windows. Vulnerable in versions before 5.6.0 when a user runs the command “keybase git lfs-config” on the command line. A malicious actor with write access to a user’s Git repository could potentially execute arbitrary Windows commands on the user’s local syst...
CVE-2021-34426 Arbitrary command execution in Keybase Client for Windows
A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user's Git repository could leverage this vulnerability to...
Keybase 安全漏洞
Keybase is a social networking platform that supports end-to-end encryption based on PGP technology. A security vulnerability in the Windows version of the Keybase client prior to version 5.6.0 can be exploited by malicious actors with write access to a user's Git repository to execute arbitrary...
Vulnerabilities fixed in Zoom
Zoom has fixed several vulnerabilities in the Zoom client and connector. A malicious party could potentially exploit them to cause a denial-of-service, to execute arbitrary code with user privileges, or to gain access to sensitive data. The most serious vulnerability is in the windows client, in...
Keybase Information Disclosure Vulnerability
Keybase is a social networking platform based on PGP technology that supports end-to-end encryption.An information disclosure vulnerability exists in Keybase Client for Android before version 5.8.0 and Keybase Client for iOS before version 5.8.0, which stems from the client's inability to properl...
Keybase path traversal vulnerability
Keybase is a PGP technology-based social networking platform that supports end-to-end encryption.Keybase Client for Windows prior to version 5.7.0 is vulnerable to a path traversal vulnerability that stems from a networked system or product failing to properly filter special elements in a resourc...
CVE-2021-34422
The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application whi...
CVE-2021-34422
The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application whi...
CVE-2021-34421
The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to...