Lucene search
K

228 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51010

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-36367

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0053EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/07/23 12:0 a.m.3 views

Rethinking HSM and TPM Security in the Cloud: Real-World Attacks and Next-Gen Defenses

As organizations rapidly migrate to the cloud, the security of cryptographic key management has become a growing concern. Hardware Security Modules HSMs and Trusted Platform Modules TPMs, traditionally seen as the gold standard for securing encryption keys and digital trust, are increasingly...

7.1AI score
Exploits0
Snyk
Snyk
added 2025/07/01 5:35 p.m.2 views

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information via the cert.NewLeaf function. An attacker can obtain sensitive private key material by intercepting certificates transmitted in plaintext during a TLS handshake, allowing impersonation of eith...

7.1CVSS6.8AI score0.00135EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.9 views

CVE-2023-32096

Compiler removal of buffer clearing in slicryptotransparentaeadencrypttag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

7.5CVSS7AI score0.00481EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.7 views

CVE-2023-32098

Compiler removal of buffer clearing in slisesignmessage in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

7.5CVSS7AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.8 views

CVE-2023-32099

Compiler removal of buffer clearing in slisesignhash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

7.5CVSS7AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.7 views

CVE-2023-32097

Compiler removal of buffer clearing in slicryptotransparentaeaddecrypttag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

7.5CVSS7AI score0.00481EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.8 views

CVE-2023-0965

Compiler removal of buffer clearing in slicryptoacctransparentkeyagreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

7.5CVSS7AI score0.00481EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.3 views

CVE-2023-23773

Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent impla...

8.8CVSS7.5AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.5 views

CVE-2023-23772

Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a...

8.8CVSS7.4AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.8 views

CVE-2023-2481

Compiler removal of buffer clearing in sliseopaqueimportkey in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

7.5CVSS7AI score0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.5 views

CVE-2021-23204

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3...

8.1CVSS6.8AI score0.00698EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:23 p.m.5 views

CVE-2020-11198

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7.2CVSS7AI score0.00125EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 p.m.8 views

CVE-2020-12926

The Trusted Platform Modules TPM reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device...

6.4CVSS6.6AI score0.00212EPSS
Exploits0
CVE
CVE
added 2024/12/04 3:20 p.m.4210 views

CVE-2024-54134

CVE-2024-54134 affects the Solana JavaScript library solana/web3.js, specifically versions 1.95.6 and 1.95.7. A publish-access account was compromised, enabling attackers to publish unauthorized malicious packages that could exfiltrate private key material and drain funds from dapps that handle p...

8.3CVSS6.5AI score0.00431EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/08/06 2:0 a.m.3 views

SUSE CVE-2024-42098

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize privatekey privatekey is overwritten with the key parameter passed in by the caller if present, or alternatively a newly generated private key. However, it is possible that the caller provides a...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References17
OSV
OSV
added 2024/07/30 8:15 a.m.6 views

DEBIAN-CVE-2024-42155

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or...

1.9CVSS5AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.2 views

UBUNTU-CVE-2024-42155

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or...

1.9CVSS5.8AI score0.00188EPSS
Exploits0References15
OSV
OSV
added 2024/07/30 7:46 a.m.23 views

CVE-2024-42155 s390/pkey: Wipe copies of protected- and secure-keys

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or...

1.9CVSS5.9AI score0.00188EPSS
Exploits0References5
Rows per page
Query Builder