EUVD-2004-1843

Malware in sbrugna...

EUVD-2006-2537

Malware in sbrugna...

EUVD-2024-3551

Malicious code in bioql PyPI...

SUSE: Security Advisory (SUSE-SU-2024:3404-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

rage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or to the following age APIs when the plugin feature flag is enabled: -...

GHSA-4FG7-VXC8-QX5W rage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or to the following age APIs when the plugin feature flag is enabled: -...

Malicious plugin names, recipients, or identities can cause arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or an attacker-controlled plugin name via the -j flag. On UNIX systems, a directory...

openSUSE Security Advisory (SUSE-SU-2024:3404-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rage-encryption (SUSE-SU-2024:3404-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3404-1 advisory. - Update to version 0.10.0 - CVE-2024-43806: Fixed rustix::fs::Dir iterator with the linuxraw backend tha...

SUSE-SU-2024:3404-1 Security update for rage-encryption

This update for rage-encryption fixes the following issues: - Update to version 0.10.0 - CVE-2024-43806: Fixed rustix::fs::Dir iterator with the linuxraw backend that can cause memory exhaustion. bsc1229959...

rage-encryption-0.10.0+0-3.1 on GA media (moderate)

rage-encryption-0.10.0+0-3.1 on GA media Announcement ID: openSUSE-SU-2024:14354-1 Rating: moderate Cross-References: CVE-2024-43806 CVSS scores: CVE-2024-43806 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability c...

Rage Stealer Rebranded as Angry Stealer, Now Uses Telegram Bot for Data Theft

Beware of "Angry Stealer," a new malware targeting your online accounts. This rebranded version of Rage Stealer steals…...

OPENSUSE-SU-2024:12610-1 rage-encryption-0.9.0+0-4.1 on GA media

These are all security issues fixed in the rage-encryption-0.9.0+0-4.1 package on the GA media of openSUSE Tumbleweed...

openSUSE: Security Advisory for rage (SUSE-SU-2023:4060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4060-1 Security update for rage-encryption

This update for rage-encryption fixes the following issues: -CVE-2023-42811: chosen ciphertext attack possible against aes-gcm bsc1215657 update vendor.tar.zst to contain aes-gcm = 0.10.3 - Update to version 0.9.2+0: CI: Ensure apt repository is up-to-date before installing build deps CI: Build...

Upgraded Q -> 2 from #20 [1685526689823]

Judge has assessed an item in Issue 20 as 2 risk. The relevant finding follows: L-2 Rage quit forfeits pending claims in TokenDistributor --- The text was updated successfully, but these errors were encountered: All reactions...

Possible overflow in PartyGovernance._isUnanimousVotes()

Lines of code Vulnerability details Impact Proposals can't be executed if totalVotes = 8e24. Furthermore, if emergencyExecuteDisabled == true and rageQuitTimestamp == DISABLERAGEQUITPERMANENTLY, users can't take out the funds from the party forever. Proof of Concept In isUnanimousVotes, it...

Rage quit modifications should be limited to provide stronger guarantees to party members

Lines of code Vulnerability details Rage quit modifications should be limited to provide stronger guarantees to party members Party hosts can arbitrarily change the rage quit settings overriding any existing preset. Impact Rage quit is implemented in the PartyGovernanceNFT contract by using a...

Fairness should be denominated in mintedVotingPower rather than totalVotingPower

Lines of code Vulnerability details Impact Rage quitter receives too little. Proof of Concept The rage quitter receives a share votingPowerByTokenIdtokenId 1e18 / totalVotingPower of each token balance. However the sum of votingPowerByTokenIdtokenId over all tokenId, i.e. mintedVotingPower, may b...

SUSE CVE-2009-3620

The ATI Rage 128 aka r128 driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine CCE state initialization, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly gain privileges via unspecified ioctl...