Lucene search
K

538 matches found

EUVD
EUVD
added 6 days ago6 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:3 p.m.2 views

SUSE-SU-2026:22459-1 Security update for pcr-oracle

This update for pcr-oracle fixes the following issues Update to 0.6.3: Security issue: - integer underflow vulnerability in parsesbatlevelsection bsc1265042. Non security issue: - Lockout Authorization error for libvirt-emulated TPM bsc1265871. Changes for pcr-oracle: + Relax TPM self-test...

5.9AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/24 1:39 a.m.10 views

keylime: Keylime: Security bypass due to hardcoded TPM quote nonce

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/24 1:39 a.m.7 views

Moderate: Red Hat Security Advisory: keylime security update

An update for keylime is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

6.3CVSS6AI score0.00121EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51932

Name of the Vulnerable Software and Affected Versions Linux kernel version 6.12.40 Description A global out-of-bounds read occurs in the create securityfs measurement lists function when the system uses a TPM chip with an unsupported hash algorithm. The issue arises because ima tpm chip-allocated...

6.1AI score0.00168EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up the TPM space after a command failure The tpmdevtransmit function prepares the TPM space before attempting to transmit a command. However, if the command fails, no rollback of this preparation occurs. This can lead ...

5.5CVSS6.4AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tpm: In tpmcrb, add acpiputtable to fix a memory leak. In crbacpiadd, we obtain the TPM2 table to retrieve information such as the start method, and then assign those values to private data. Therefore, the TPM2 table is not used...

5.5CVSS5.3AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...

7.8CVSS6.7AI score0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 10:0 a.m.9 views

EUVD-2026-36411

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

7CVSS5.1AI score0.00115EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 10:0 a.m.20 views

CVE-2026-9266

CVE-2026-9266 affects Moxa’s embedded Linux firmware for industrial computers and controllers. The issue is a Missing Required Cryptographic Step, an incomplete remediation of CVE-2026-0714, where TPM2 parameter encryption is undermined by an omission in the authorization session configuration. A...

7CVSS5.2AI score0.0007EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 10:0 a.m.6 views

CVE-2026-9266

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

7CVSS5.2AI score0.0007EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.12 views

PT-2026-48857

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

7CVSS5.2AI score0.0007EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 4:55 p.m.5 views

MGASA-2026-0197 Updated gnupg2 packages fix security vulnerabilities

CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...

8.4CVSS7.3AI score0.00447EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2026/06/08 7:54 p.m.11 views

CVE-2026-46283

A flaw was found in the Linux kernel's Trusted Platform Module TPM driver. This vulnerability arises from the driver's failure to securely clear sensitive cryptographic material, such as session keys and passphrases, from memory when a TPM device is released. A local attacker could potentially...

5.5CVSS5.4AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/06/08 5:16 p.m.8 views

UBUNTU-CVE-2026-46283

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

5.4AI score0.00168EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/08 3:41 p.m.42 views

CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

0.00168EPSS
Exploits0References4
CVE
CVE
added 2026/06/08 3:41 p.m.23 views

CVE-2026-46283

In the provided sources, CVE-2026-46283 affects the Linux kernel TPM subsystem, where tpm_dev_release() frees sensitive material (chip->auth) with plain kfree() instead of kfree_sensitive(). This leaves HMAC session keys, nonces, and passphrase data potentially scrubbed only later in memory, u...

5.5CVSS5.5AI score0.00168EPSS
Exploits0References4Affected Software1
Fedora
Fedora
added 2026/06/07 1:7 a.m.15 views

[SECURITY] Fedora 43 Update: keylime-7.14.2-1.fc43

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

6.3CVSS5.5AI score0.00121EPSS
Exploits0
Fedora
Fedora
added 2026/06/07 12:57 a.m.16 views

[SECURITY] Fedora 44 Update: keylime-7.14.2-1.fc44

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

6.3CVSS5.5AI score0.00121EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.13 views

CVE-2026-6923

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...

3.8CVSS5.4AI score0.00117EPSS
Exploits0References1
Rows per page
Query Builder