Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 8:59 p.m.13 views

CVE-2026-48501

A flaw was found in GitHub CLI. The tool incorrectly includes authorization headers in API requests to TUF repository mirrors when using commands such as gh attestation, gh release verify, and gh release verify-asset. This issue occurs because the shared HTTP client's authentication layer lacks...

9.1CVSS5.9AI score0.00289EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/04/14 10:18 a.m.98 views

starknet-staking_audit1

Markdown https://dev.to/rdin777/starknet-btc-staking-how-to-ext...

5.7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/02/04 8:43 p.m.5 views

EVE Doesn't Measure Config Partition From 2 Fronts

Impact PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

8.8CVSS5.4AI score0.00107EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2025/11/12 9:45 p.m.5 views

Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves

Summary A vulnerability was identified in the evervault-go SDK’s attestation verification logic that may allow incomplete documents to pass validation. This may cause the client to trust an enclave operator that does not meet expected integrity guarantees. The exploitability of this issue is...

8.7CVSS6.4AI score0.00124EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/11/23 3:57 p.m.5 views

SUSE-SU-2022:4204-1 Security update for keylime

This update for keylime fixes the following issues: - CVE-2022-3500: Fixed vulnerability where a node seems as attested when in reality it is not properly attested bsc1204782...

5.1CVSS5.1AI score0.00247EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/06/21 12:0 a.m.5 views

The vulnerability of the OpenAttestation agent, related to errors in the implementation of the host attestation process, allows a violator to disclose the protected information.

The vulnerability of the OpenAttestation technology is related to errors in the process of hosting attestation. Exploiting this vulnerability can allow attackers to disclose the protected information...

4.4CVSS5.5AI score0.00252EPSS
Exploits0References3
Rows per page
Query Builder