CVE-2024-46917

The CVE-2024-46917 entry concerns Diebold Nixdorf Vynamic Security Suite up to version 4.3.0 SR01. The vulnerability arises because integrity validation does not validate file attributes or the contents of the /root directory, enabling malicious actions. Reported impact includes code execution, r...

Linux Distros Unpatched Vulnerability : CVE-2019-13179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable...

Linux Distros Unpatched Vulnerability : CVE-2025-4382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto- decryption. When GRUB is set to automatically decrypt disks...

Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16356)

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the hard disk not using full volume encryption, which can be exploited by an attacker to bypas...

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the hard disk not using full volume encryption, which can be exploited by an attacker to bypas...

CVE-2024-3082

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers e.g., full-disk encryption have been enabled...

CVE-2023-28005

A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...

CVE-2020-0407

In various functions in fscryptice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs Initialization Vectors, 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weakened disk encryption...

CVE-2020-26200

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...

CVE-2011-5117

Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of 1 out-of-date credentials and 2 invalid credentials, which allows physically proximate attackers to defeat t...

SUSE CVE-2025-4382

A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlyi...

UBUNTU-CVE-2025-4382

A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlyi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dmcryptwrite function not adding condresched, which could lead to a soft lockup...

jose security update

An update is available for jose. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Jose is a C-language implementation of the Javascript Object Signing and...

RLSA-2024:9181 Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in Rocky Linux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose:...

DEBIAN-CVE-2022-49262

In the Linux kernel, the following vulnerability has been resolved: crypto: octeontx2 - remove CONFIGDMCRYPT check No issues were found while using the driver with dm-crypt enabled. So CONFIGDMCRYPT check in the driver can be removed. This also fixes the NULL pointer dereference in driver release...

UBUNTU-CVE-2022-49262

In the Linux kernel, the following vulnerability has been resolved: crypto: octeontx2 - remove CONFIGDMCRYPT check No issues were found while using the driver with dm-crypt enabled. So CONFIGDMCRYPT check in the driver can be removed. This also fixes the NULL pointer dereference in driver release...

CVE-2024-7142

On Arista CloudVision Appliance CVA affected releases running on appliances that support hardware disk encryption DCA-350E-CV only, the disk encryption might not be successfully performed. This results in the disks remaining unsecured and data on them...

CVE-2024-7142 On Arista CloudVision Appliance (CVA) affected releases running on appliances that support hardware disk encryption (DCA-350E-CV only), the disk encryption might not be successfully performed. This results in the disks remaining unsecured and data on them

On Arista CloudVision Appliance CVA affected releases running on appliances that support hardware disk encryption DCA-350E-CV only, the disk encryption might not be successfully performed. This results in the disks remaining unsecured and data on them...

CVE-2024-7142

The CVE-2024-7142 issue affects Arista CloudVision Appliance (CVA) on DCA-350E-CV hardware where disk encryption may not be applied, leaving disks unsecured and data potentially readable. The Arista Security Advisory 0104 confirms that encryption can fail during normal operation, affecting CVA so...