36 matches found
PT-2026-42755
Name of the Vulnerable Software and Affected Versions: Apache CXF versions prior to 4.2.1; Apache CXF versions prior to 4.1.6; Apache CXF versions prior to 3.6.11. Description: An LDAP injection issue exists in the LDAP Certificate repository of the XKMS server. This allows an attacker to retrieve...
AWS VDP: Health check errors silently dropped when channel buffer full
Component: pkg/plugin/plugin.go:153-156, pkg/plugin/pluginv2.go:156-158. Affected Version: aws-encryption-provider @ 4341c70 (all versions). Found by: Source audit. TLP: TLP:Amber. Summary: When KMS operations fail, the error is sent to a buffered channel (healthCheckErrc, size 100) via a non-blocking...
EUVD-2026-4633
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\ServiceKMS.exe to inject malicious executables and...
PT-2026-4653
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\Service KMS.exe to inject malicious executables and...
PT-2026-2134
Name of the Vulnerable Software and Affected Versions: CryptoLib versions prior to 1.4.3. Description: CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for secure communication between a spacecraft and a ground station. The write...
PT-2026-2247
Name of the Vulnerable Software and Affected Versions: CryptoLib versions prior to 1.4.3. Description: CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for secure communication between spacecraft and ground stations. Versions prior ...
EUVD-2019-13750
Malware in sbrugna...
EUVD-2023-2019
Malicious code in bioql PyPI...
CVE-2023-0690
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...
GO-2023-1898 HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured in github.com/hashicorp/boundary
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured in github.com/hashicorp/boundary...
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...
GHSA-9VRM-V9XV-X3XR HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...
barbican security vulnerability
barbican is an OpenStack key management service, API server. A security vulnerability exists in barbican that stems from the barbican configuration file being set to globally readable in Red Hat OpenStack, which poses a security risk because it allows an attacker with limited access to the file t...
Design/Logic Flaw
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...
CVE-2023-0690 Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...
CVE-2023-0690
HashiCorp Boundary is affected from 0.10.0 through 0.11.2 when using a PKI-based worker with a KMS defined in the config. New credentials created after automatic rotation may not have been encrypted by the intended KMS, resulting in plaintext on the Boundary PKI worker’s disk. The issue is fixed ...
CVE-2023-0690 Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...
PT-2023-16458 · Hashicorp · Hashicorp Boundary
Name of the Vulnerable Software and Affected Versions: HashiCorp Boundary versions 0.10.0 through 0.11.2. Description: The issue arises when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file. After an automatic rotation, new credentials may not be encrypt...
KMSpico explained: No, KMS is not "kill Microsoft"
Thanks to Pieter Arntz and the Threat Intelligence Team who contributed to the research. A hack tool is a program that allows users to activate software even without a legitimate, purchased key. Hack tools are often used to root devices in order to, among other things, remove barriers that stop users fro...
SharpEventPersist - Persistence By Writing/Reading Shellcode From Event Log
Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source Persistence -eventlog "Key Management Service". The shellcode is converted to hex and written to the "Key Manageme...