Trusted Compute Units: a Framework for Chained Verifiable Computations

Blockchain and distributed ledger technologies DLTs facilitate decentralized computations across trust boundaries. However, ensuring complex computations with low gas fees and confidentiality remains challenging. Recent advances in Confidential Computing -- leveraging hardware-based Trusted...

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update

An update is now available for Red Hat Ansible Automation Platform Execution Environments Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update

An update is now available for Red Hat Ansible Automation Platform Execution Environments Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to...

IBM Db2 Injection Vulnerability

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from an injection vulnerability that can be exploited by an authenticated attacker to...

IBM Db2 Denial of Service Vulnerability (CNVD-2025-01793)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service full vulnerability that can be exploited by an attacker to cau...

IBM Db2 Denial of Service Vulnerability (CNVD-2025-01792)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

IBM Db2 Denial of Service Vulnerability (CNVD-2025-03032)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates when a specially crafted cursor ...

IBM Db2 Denial of Service Vulnerability (CNVD-2025-03030)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

Qualcomm Chip Security Breach

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a weak...

CVE-2023-37479

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

Design/Logic Flaw

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

CVE-2023-37479

Open Enclave SDK before 0.19.3 is affected by two issues: MXCSR not sanitized on enclave entry, enabling MXCSR Configuration Dependent Timing (MCDT) attacks, and RFLAGS.AC not sanitized, enabling a side-channel that reveals unaligned memory accesses. The guidance indicates these have been address...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

Serverless protection for execution environments made easy

Serverless computing is transforming the way we build, ship, automate, and scale applications. With no infrastructure to manage, organizations can move from ideation to market faster, with virtually no operational overhead. Consequently, these enterprises can now focus on just the code that serve...

Unspecified Vulnerability in IBM DB2 (CNVD-2021-43362)

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in Db2 that originates from an abnormal termination of the server duri...

Asylo Open-Source Framework Tackles TEEs for Cloud

Asylo, an open-source framework and software development kit SDK for creating applications that run in trusted execution environments TEEs, has launched to tackle the complexity involved in running a confidential computing platform for workloads in the cloud and virtual environments. TEEs provide...