PT-2026-6361

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

SUSE-SU-2026:20356-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption bsc1255715. Other security fixes: - gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures bsc1256246. - gpg...

Virtuoso Open-Source Edition 安全漏洞

Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.11, which...

CVE-2024-5565

creationtimestamp| type| source ---|---|--- 2024-06-27 11:34:54+00:00| seen| Telegram/ZsbHSuDV48H-a1ELq9wdg6d2vdMfxqBSJBQ7Z887p2osX8 2024-06-27 11:58:09+00:00| seen| https://t.me/thehackernews/5179 2024-06-27 12:00:06+00:00| seen| https://t.me/KomunitiSiber/2171 2024-06-27 12:07:46+00:00|...

CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...