Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/04/24 12:0 a.m.3 views

PT-2026-34837

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, missing checks in entry get attribute value in ta/pkcs11/src/object.c can lead to out-of-bounds read...

8.7CVSS5.9AI score0.00179EPSS
Exploits2References6
Fedora
Fedoraadded 2026/03/27 1:18 a.m.2 views

[SECURITY] Fedora 43 Update: rust-cryptoki-0.12.0-2.fc43

Rust-native wrapper around the PKCS 11 API...

9.8CVSS5.8AI score0.005EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2025/02/10 12:0 a.m.2 views

PT-2025-6067 · Unknown +2 · Pam Pkcs11 +2

Name of the Vulnerable Software and Affected Versions: PAM-PKCS11 versions 0.6.12 and prior Description: The issue affects a Linux-PAM login module that allows X.509 certificate-based user login. When a user presses ctrl-c/ctrl-d while being asked for a PIN, the pam pkcs11 module segfaults...

9.2CVSS8.1AI score0.00677EPSS
Exploits0References35
SUSE CVE
SUSE CVEadded 2024/09/04 3:14 a.m.3 views

SUSE CVE-2024-45619

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

3.9CVSS6.9AI score0.003EPSS
Exploits0References10
RedHat Linux
RedHat Linuxadded 2023/08/01 2:8 p.m.3 views

openssh: Remote code execution in ssh-agent PKCS#11 support

A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...

9.8CVSS8.1AI score0.76768EPSS
Exploits10References5
SUSE CVE
SUSE CVEadded 2023/02/15 4:54 a.m.4 views

SUSE CVE-2016-10009

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...

7.3CVSS8AI score0.37431EPSS
Exploits4References17
Broadcom
Broadcomadded 2017/05/17 12:0 a.m.7 views

BSA-2017-272

Security Advisory ID : BSA-2017-272 Component : OpenSSH Revision : 2.0: Final Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. Affected...

7.5CVSS9.2AI score0.37431EPSS
Exploits4
BDU FSTEC
BDU FSTECadded 2017/02/17 12:0 a.m.4 views

The vulnerability of the ssh-agent agent in the OpenSSH encryption tool allows a hacker to execute arbitrary code.

The vulnerability of the ssh-agent agent in the OpenSSH encryption tool is related to insufficient checking of modules loaded based on the PKCS11 encryption standard. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS7.3AI score0.37431EPSS
Exploits4References16Affected Software9
Rows per page
Query Builder