Lucene search
K

604 matches found

hivepro
hivepro
added 2026/03/03 6:14 p.m.5 views

5 Best Qualys Replacement Solutions Reviewed

Knowing you have vulnerabilities is one thing; knowing if your defenses can actually stop an attack is another. Traditional vulnerability scanners tell you where the holes are, but they don't tell you if your security controls are configured correctly or if they'll perform under pressure. This is...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/25 4:18 p.m.4 views

CVE-2025-10010

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

6.8CVSS6.2AI score0.00254EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 3:21 p.m.6 views

CVE-2025-10010

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

6.8CVSS6.1AI score0.00254EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/24 2:13 p.m.5 views

EUVD-2025-208086

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

6.8CVSS6.1AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/24 2:13 p.m.7 views

CVE-2025-10010 Integrity Validation Bypass in CryptoPro Secure Disk for BitLocker

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

6.2AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2026/02/24 2:13 p.m.16 views

CVE-2025-10010

The CVE affects the CPSD CryptoPro Secure Disk: during boot, a small Linux OS validates integrity via IMA, but configuration files are not validated by IMA. This can allow an attacker with physical access to alter config files on the unencrypted partition, enabling arbitrary code execution as roo...

6.8CVSS6.2AI score0.00254EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.8 views

CPSD CryptoPro Secure Disk 安全漏洞

CPSD CryptoPro Secure Disk is a transparent disk encryption software developed by CPSD. There is a security vulnerability in CPSD CryptoPro Secure Disk. This vulnerability stems from the fact that configuration files in the Linux operating system’s integrity checks are not verified through the...

6.8CVSS7.8AI score0.00254EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/14 12:0 a.m.2 views

A Real-Time Approach to Autonomous CAN Bus Reverse Engineering

This paper introduces a real-time method for reverse engineering a vehicle's CAN bus without prior knowledge of the vehicle or its CAN system. By comparing inertial measurement and CAN data during significant vehicle events, the method accurately identified the CAN channels associated with the...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/14 12:0 a.m.5 views

Applying Public Health Systematic Approaches to Cybersecurity: The Economics of Collective Defense

The U.S. public health system increased life expectancy by more than 30 years since 1900 through systematic data collection, evidence-based intervention, and coordinated response. This paper examines whether cybersecurity can benefit from similar organizational principles. We find that both domai...

5.5AI score
Exploits0
OSV
OSV
added 2026/02/11 9:16 a.m.8 views

RLSA-2026:2225 Critical: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication CVE-2026-1709 For more details about the...

9.4CVSS5.7AI score0.05431EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 12:0 a.m.3 views

OPENSUSE-SU-2026:10170-1 keylime-ima-policy-0.2.8+116-1.1 on GA media

These are all security issues fixed in the keylime-ima-policy-0.2.8+116-1.1 package on the GA media of openSUSE Tumbleweed...

6.8CVSS5.8AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 3:20 a.m.6 views

GO-2026-4430 EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve

EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve...

8.8CVSS5.3AI score0.00107EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.4 views

PT-2026-6531

EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve...

8.8CVSS5.4AI score0.00107EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/02/04 8:43 p.m.5 views

EVE Doesn't Measure Config Partition From 2 Fronts

Impact PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

8.8CVSS5.4AI score0.00107EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/02/04 4:7 p.m.8 views

CVE-2025-71198

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...

5.3AI score0.00168EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.3 views

PT-2026-6495

Impact Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

8.8CVSS5.4AI score0.00161EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.9 views

Innomic VibroLine Series 访问控制错误漏洞

The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series has a security access control vulnerability; this vulnerability arises from unverified neighboring attackers who may switch between multip...

6.5CVSS5.8AI score0.00208EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.4 views

PIDSMaker: Building and Evaluating Provenance-Based Intrusion Detection Systems

Recent provenance-based intrusion detection systems PIDSs have demonstrated strong potential for detecting advanced persistent threats APTs by applying machine learning to system provenance graphs. However, evaluating and comparing PIDSs remains difficult: prior work uses inconsistent preprocessi...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.6 views

Okara: Detection and Attribution of TLS Man-In-The-Middle Vulnerabilities in Android Apps with Foundation Models

Transport Layer Security TLS is fundamental to secure online communication, yet vulnerabilities in certificate validation that enable Man-in-the-Middle MitM attacks remain a pervasive threat in Android apps. Existing detection tools are hampered by low-coverage UI interaction, costly...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37875)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37875 advisory. - In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References2
Rows per page
Query Builder