
6 matches found

Snyk
added 2025/10/27 7:43 p.m. | 1 view

Improper Verification of Cryptographic Signature

Overview: Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to unsafe handling of null keyslot algorithms in the crypt_activate_by_passphrase function. An attacker can gain unauthorized access to unencrypted persistent storage by exploiting the...

CVSS 8.3 | AI score 7 | EPSS 0.00112
Exploits: 0 | References: 2
Snyk
added 2025/10/27 7:43 p.m. | 2 views

Improper Verification of Cryptographic Signature

Overview: Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to unsafe handling of null keyslot algorithms in the crypt_activate_by_passphrase function. An attacker can gain unauthorized access to unencrypted persistent storage by exploiting the...

CVSS 8.3 | AI score 7 | EPSS 0.00112
Exploits: 0 | References: 2
Vulnrichment
added 2025/10/27 7:33 p.m. | 2 views

CVE-2025-58356 Constellation allows insecure use of LUKS2 persistent storage partitions

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening the partition with th...

CVSS 8.3 | AI score 6.3 | EPSS 0.00112
Exploits: 0 | References: 3
Cvelist
added 2025/09/12 1:1 p.m. | 12 views

CVE-2025-59054 dstack has insecure LUKS2 persistent storage partitions that may be opened and used

dstack is a software development kit (SDK) to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the /data mount. The guest will open t...

CVSS 8.5 | EPSS 0.00159
Exploits: 0 | References: 4
CNNVD
added 2025/09/12 12:0 a.m. | 2 views

dstack security vulnerability

dstack is a TEE deployment tool from the Dstack TEE open source. A security vulnerability exists in versions prior to dstack 0.5.4, which stems from the possibility that a malicious host could provide specially crafted LUKS2 data volumes, leading to the disclosure of WireGuard keys and other secr...

CVSS 8.5 | AI score 9.2 | EPSS 0.00159
Exploits: 0 | References: 5
OSV
added 2020/09/16 3:15 p.m. | 2 views

DEBIAN-CVE-2020-14382

A vulnerability was found in upstream release cryptsetup-2.2.0 where there's a bug in LUKS2 format validation code that is effectively invoked on every device/image presenting itself as a LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function...

CVSS 7.8 | AI score 7.5 | EPSS 0.01157
Exploits: 0 | References: 1