Lucene search
K

8 matches found

NVD
NVD
added 2026/06/24 12:16 a.m.10 views

CVE-2026-6458

Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...

5.1CVSS0.00128EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 11:50 p.m.18 views

CVE-2026-5818

The CVE-2026-5818 entry concerns the Caliptra Core Runtime Firmware and describes an incorrect return-value check in ActivateFirmwareCmd::activate_fw modules, which allows bypassing the Core’s verification of MCU firmware during a hitless update. Affected versions are Core Runtime Firmware 2.0.0 ...

7.2CVSS5.8AI score0.00155EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 11:49 p.m.6 views

CVE-2026-6458

Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...

5.1CVSS5.8AI score0.00128EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.15 views

PT-2026-51609

Name of the Vulnerable Software and Affected Versions Caliptra Core Runtime Firmware versions 2.0.0 through 2.0.1 Caliptra Core Runtime Firmware version 2.1.0 Description An incorrect check of a function return value within the ActivateFirmwareCmd::activate fw modules allows the bypass of the...

7.2CVSS5.8AI score0.00155EPSS
Exploits0References6
NVD
NVD
added 2025/10/01 12:15 p.m.11 views

CVE-2023-53487

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtasflash: allow user copy to flash block cache objects With hardened usercopy enabled CONFIGHARDENEDUSERCOPY=y, using the /proc/powerpc/rtas/firmwareupdate interface to prepare a system firmware update yields a BUG: kern...

7.8CVSS0.00153EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/06/19 3:45 a.m.4 views

SUSE CVE-2022-49955

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An example trace: kernel tried to execute user page 2fff01a8 - exploit attempt...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2025/06/18 11:15 a.m.5 views

UBUNTU-CVE-2022-49955

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An example trace: kernel tried to execute user page 2fff01a8 - exploit attempt...

5.5CVSS6AI score0.00179EPSS
Exploits0References4
CNVD
CNVD
added 2019/06/10 12:0 a.m.5 views

HP Workstation BIOS Security Feature Issue Vulnerability

HP Workstation is a high-performance desktop computer from Hewlett-Packard HP in the U.S. BIOS is one of the basic input and output systems. A security vulnerability exists in the HP Workstation BIOS UEFI Firmware. An attacker could exploit this vulnerability to tamper with the runtime BIOS code...

9CVSS6.8AI score0.01236EPSS
Exploits0References1
Rows per page
Query Builder