PT-2025-42580

Name of the Vulnerable Software and Affected Versions Moxa network security appliances and routers affected versions not specified Description A security issue exists in Moxa’s network security appliances and routers related to the use of hard-coded credentials. The system uses a hard-coded secre...

CVE-2025-11577

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

CVE-2025-62370

CVE-2025-62370 affects Alloy Core libraries at the root of the Rust Ethereum ecosystem, specifically the alloy-dyn-abi::TypedData hashing path. A DoS could result from an uncaught panic triggered by malformed input to TypedData, enabling denial-of-service via eip712_signing_hash(). The issue exis...

CVE-2025-62370 Alloy Core has a DoS vulnerability on `alloy_dyn_abi::TypedData` hashing

Alloy Core libraries at the root of the Rust Ethereum ecosystem. Prior to 0.8.26 and 1.4.1, an uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services m...

CVE-2025-62370 Alloy Core has a DoS vulnerability on `alloy_dyn_abi::TypedData` hashing

Alloy Core libraries at the root of the Rust Ethereum ecosystem. Prior to 0.8.26 and 1.4.1, an uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services m...

EUVD-2025-34225

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

CVE-2025-11577

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Nathan E. Sanders and I will be giving a book talk on Rewiring Democracy at the Harvard Kennedy School’s Ash Center in Cambridge, Massachusetts, USA, on October 22, 2025, at noon ET. Nathan E. Sanders and I will be speaking and...

CVE-2025-11577 Clevo UEFI firmware exposed Boot Guard private keys, enabling potential abuse of the Boot Guard trust chain

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

CVE-2025-11577 Clevo UEFI firmware exposed Boot Guard private keys, enabling potential abuse of the Boot Guard trust chain

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

Oracle Linux 10 : kernel (ELSA-2025-17776)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-17776 advisory. 6.12.0-55.39.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

Clevo UEFI 安全漏洞

Clevo UEFI is a firmware interface from Blue Sky Computer Clevo of Taiwan, China. A security vulnerability exists in Clevo UEFI that stems from the inclusion of a private signing key in firmware update packages, which could lead to malicious firmware being trusted...

Clevo UEFI firmware embedded BootGuard keys compromising Clevo's implementation of BootGuard

Overview Clevo’s UEFI firmware update packages included sensitive private keys used in their Intel Boot Guard implementation. This accidental exposure of the keys could be abused by an attacker to sign malicious firmware using Clevo’s Boot Guard trust chain, potentially compromising the pre-boot...

kernel security update

5.14.0-570.52.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

kernel security update

4.18.0-553.79.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Modern IOS Security Features -- a Deep Dive into SPTM, TXM, and Exclaves

The XNU kernel is the basis of Apple's operating systems. Although labeled as a hybrid kernel, it is found to generally operate in a monolithic manner by defining a single privileged trust zone in which all system functionality resides. This has security implications, as a kernel compromise has...

python-jose 安全漏洞

python-jose is a JOSE implementation in Python by the individual developer Michael Davis. A security vulnerability exists in python-jose version 3.3.0 and earlier, which stems from unenforced alg=none token denial, and could lead to bypassing authentication checks, which in turn could lead to...

Oracle Linux 10 : kernel (ELSA-2025-17396)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-17396 advisory. 6.12.0-55.38.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

Malicious code in ios-signing-common (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bfb96a60459a153a9a22586c87b5bf6e35ecf604760a4de43b056c3de5127f6 Any computer that has this package installed or running should be considered...

MAL-2025-48368 Malicious code in ios-signing-common (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bfb96a60459a153a9a22586c87b5bf6e35ecf604760a4de43b056c3de5127f6 Any computer that has this package installed or running should be considered...