EVE Seals Vault Key With SHA1 PCRs

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

EVE Doesn't Measure Config Partition From 2 Fronts

Impact PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

PT-2026-6461

Impact PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

PT-2026-6354

Impact On boot, the Pillar container checks for /config/authorized keys. If present with a valid public key, it enables SSH on port 22 with root login. The /config partition is not protected by measured boot, is mutable and unencrypted. This enables an attacker with physical access to the device ...

PT-2026-6495

Impact Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

EUVD-2019-4746

Malware in sbrugna...

CVE-2025-20319

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability editscripted and listinputs capability , could perform a remote command execution due to improper user input sanitization on the scripted input files. See Defin...

Splunk Enterprise 操作系统命令注入漏洞

Splunk Enterprise is a suite of data collection and analytics software from Splunk Corporation in the United States. Splunk Enterprise suffers from an operating system command injection vulnerability that stems from improper input cleanup and could lead to remote command execution. The following...

WordPress Booking Calendar Plugin <= 9.4.3 is vulnerable to SQL Injection

Software Booking Calendar Type Plugin Vulnerable versions = 9.4.3 Fixed in 9.4.3.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23991 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 35338ed5afc5 Credits Rafshanzani Suhada Required privilege...

Drupal Multiple Vulnerabilities (SA-CORE-2022-015) - Linux

Drupal is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Drupal 访问控制错误漏洞

Drupal is an open source content management system developed in PHP by the Drupal community. An Access Control Error vulnerability exists in Drupal versions prior to 9.3.19 and prior to 9.4.3 that stems from improperly restricted access. A remote attacker could use this vulnerability to alter dat...

Drupal 安全漏洞

Drupal is an open source content management system developed in PHP by the Drupal community. A security vulnerability exists in Drupal versions prior to 7.91, prior to 9.3.19, and prior to 9.4.3, which stems from the image module not properly checking for image files that are not stored in the...

Drupal 代码问题漏洞

Drupal is an open source content management system developed in PHP by the Drupal community. A code issue vulnerability exists in Drupal versions prior to 9.3.19 and prior to 9.4.3, which stems from filenames not being cleaned up properly. An attacker could exploit this vulnerability to remotely...

Unspecified Vulnerability in Teclib GLPI

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A security vulnerability exists in Teclib GLPI 9.4.3 and earlier versions,...

CVE-2019-14666

GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any use...

CVE-2019-14666

GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any use...

CVE-2019-13239

Vulnerability overview : GLPI

F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28151/info F5 BIG-IP Web Management Interface is prone to a HTML-injection vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

openSUSE Security Update : bind (bind-1843)

bind when configured for DNSSEC could incorrectly cache NXDOMAIN responses CVE-2010-0097. Moreover, the fix for CVE-2009-4022 was incomplete. Despite the previous fix CNAME and DNAME responses could be incorrectly cached CVE-2010-0290. bind was updated to version 9.4.3-P5 in order to fix those...

ISC BIND DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability

ISC BIND is prone to a remote cache-poisoning vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind";...