CVE-2025-58356

Constellation uses LUKS2-encrypted volumes for persistent storage in a Confidential Kubernetes setup. The vulnerability arises when opening an encrypted device via crypt_activate_by_passhrase because cryptsetup 2.8.1 mishandles null keyslot algorithms, which can cause a volume to be opened withou...

CVE-2025-11568 Luksmeta: data corruption when handling luks1 partitions with luksmeta

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

EUVD-2014-1119

Malware in sbrugna...

EUVD-2018-18952

Malware in sbrugna...

EUVD-2008-6043

Malware in sbrugna...

EUVD-2014-9779

Malware in sbrugna...

EUVD-2014-2057

Malware in sbrugna...

EUVD-2018-4020

Malware in sbrugna...

EUVD-2020-1909

Malware in sbrugna...

EUVD-2018-4021

Malware in sbrugna...

EUVD-2019-4703

Malware in sbrugna...

EUVD-2018-12899

Malware in sbrugna...

EUVD-2017-6385

Malware in sbrugna...

EUVD-2020-18825

Malware in sbrugna...

EUVD-2018-15473

Malware in sbrugna...

EUVD-2023-23524

Malicious code in bioql PyPI...

CVE-2025-59054 dstack has insecure LUKS2 persistent storage partitions that may be opened and used

dstack is a software development kit SDK to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the /data mount. The guest will open t...

Linux Distros Unpatched Vulnerability : CVE-2020-11932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. CVE-2020-11932 Note that Ness...

CVE-2024-46916

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file. This can allow code execution and, ...

PT-2025-35243

Name of the Vulnerable Software and Affected Versions: Diebold Nixdorf Vynamic Security Suite versions through 4.3.0 SR01 Description: Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of the /root directory during integrity validation. Th...