33 matches found
EUVD-2024-41550
Malicious code in bioql PyPI...
CVE-2023-39908
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
CVE-2023-39908
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...
Code injection
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...
CVE-2023-39908
CVE-2023-39908 affects the PKCS11 module of the YubiHSM 2 SDK (through 2023.01). The issue is an improper validation of the length in specific read operations on object metadata, which may disclose uninitialized and previously used memory. Connected Nessus and Red Hat/NVD entries corroborate an u...
CVE-2023-39908
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...
CVE-2023-39908
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...
Yubico YubiHSM 2 SDK Buffer Error Vulnerability
Yubico YubiHSM is a solution from Yubico Inc. for protecting Certificate Authority root keys from being copied by attackers, malware and malicious insiders. A security vulnerability exists in Yubico YubiHSM 2 SDK 2023.01 and earlier versions, which stems from the PKCS11 module failing to correctl...
Security Advisory YSA-2023-01 | Yubico
The PKCS11 module of the YubiHSM 2 SDK does not properly validate the length of specific read operations on object metadata which may lead to disclosure of uninitialized and previously used memory...
Fedora: Security Advisory for yubihsm-connector (FEDORA-2022-5038c3236c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: yubihsm-connector-3.0.3-4.fc36
Backend to talk to YubiHSM 2...
Fedora: Security Advisory for yubihsm-connector (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: yubihsm-connector-3.0.2-2.fc35
Backend to talk to YubiHSM 2...
Fedora: Security Advisory for yubihsm-connector (FEDORA-2022-cbc7bfd88c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: yubihsm-connector-3.0.3-3.fc36
Backend to talk to YubiHSM 2...
[SECURITY] Fedora 36 Update: yubihsm-connector-3.0.2-3.fc36
Backend to talk to YubiHSM 2...
CVE-2021-43399
The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...
[SECURITY] Fedora 34 Update: yubihsm-connector-3.0.1-1.fc34
Backend to talk to YubiHSM 2...