12 matches found

CVE
added 2026/05/06 10:19 a.m., 14 views

CVE-2026-6420

CVE-2026-6420 affects Keylime: a flaw in the verifier uses a hardcoded TPM quote nonce instead of a cryptographically random value. An attacker with root on an enrolled monitored machine where the Keylime agent runs can stockpile valid TPM quotes and replay them to evade detection after compromis...

CVSS 6.3, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 2
CNNVD
added 2026/05/06 12:00 a.m., 4 views

Keylime security vulnerability

Keylime is an open-source, scalable trust system built on TPM technology. Keylime has a security vulnerability, which stems from the verifier using a hardcoded nonce for TPM quotes instead of a cryptographically random value. This allows attackers to accumulate valid TPM...

CVSS 6.3, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 2
Rockylinux
added 2025/12/18 9:09 a.m., 3 views

keylime security update

An update is available for keylime. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Keylime is a TPM-based, highly scalable remote boot attestation and runtime...

CVSS 8.2, AI score 7.1, EPSS 0.00094
Exploits: 0
Oracle linux
added 2025/12/16 12:00 a.m., 5 views

keylime security update

7.12.1-11.3 - Registrar allows identity takeover via duplicate UUID registration. Resolves: RHEL-130760
7.12.1-11.2 - Properly fix the malformed certificate workaround. Resolves: RHEL-111244...

CVSS 8.2, AI score 7.2, EPSS 0.00094
Exploits: 0
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2022-28864

Malicious code in bioql PyPI...

CVSS 7.5, AI score 8.1, EPSS 0.00339
Exploits: 1, References: 5
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2022-52827

Malicious code in bioql PyPI...

CVSS 7.8, AI score 7.5, EPSS 0.00128
Exploits: 1, References: 2
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2022-28867

Malicious code in bioql PyPI...

CVSS 5.5, AI score 6.6, EPSS 0.00064
Exploits: 1, References: 4
AlmaLinux
added 2025/05/13 12:00 a.m., 2 views

Moderate: keylime-agent-rust security update

Rust agent for Keylime. Security fixes: rust-openssl: rust openssl ssl::select_next_proto use after free (CVE-2025-24898). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...

CVSS 6.3, AI score 7, EPSS 0.00116
Exploits: 0, References: 4
Vulnrichment
added 2025/03/15 8:50 a.m., 1 view

CVE-2025-1057 Keylime: keylime registrar dos due to incompatible database entry handling

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...

CVSS 4.3, AI score 4.5, EPSS 0.00046
Exploits: 0, References: 2
OSV
added 2023/09/05 7:55 a.m., 4 views

SUSE-SU-2023:3525-1 Security update for keylime

This update for keylime fixes the following issues: - CVE-2023-38201: Fixed a bug to avoid leaks of the authorization tag (bsc#1213314)...

CVSS 6.5, AI score 6.5, EPSS 0.00023
Exploits: 0, References: 3
OSV
added 2022/11/23 3:57 p.m., 4 views

SUSE-SU-2022:4204-1 Security update for keylime

This update for keylime fixes the following issues: - CVE-2022-3500: Fixed a vulnerability where a node appears attested when in reality it is not properly attested (bsc#1204782)...

CVSS 5.1, AI score 5.1, EPSS 0.00117
Exploits: 0, References: 3
Vulnrichment
added 2022/09/21 6:23 p.m., 5 views

CVE-2022-23948

A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts, allowing secrets to be leaked to other processes on the host...

AI score 7.4, EPSS 0.00339
Exploits: 1, References: 4