CVE-2026-40960

A flaw was found in Luanti. When at least one module mod is configured as trusted or secure, a specially crafted module can intercept requests to an insecure environment or the HTTP API. This allows the crafted module to gain unintended access to sensitive information and functionality within tha...

CVE-2026-1709

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security TLS authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...

SUSE-SU-2026:20179-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396. - CVE-2026-24883: denial of service due to long signature packet length causing parsesignature to return success with sig-data set to a NULL...

PT-2025-53071

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.8 1 Description The Linux kernel contained an issue within the TPM Trusted Platform Module subsystem. A crash could occur due to a missing invariant check during the unregistration of the hardware random numb...

EUVD-2025-24411

Malicious code in bioql PyPI...

K000154686: Intel Xeon processors vulnerability CVE-2025-24305

Security Advisory Description Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-24305 Impact There is no impact; F5 products...

Amazon Linux 2023 : microcode_ctl (ALAS2023-2025-1190)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1190 advisory. Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-2005...

Linux Distros Unpatched Vulnerability : CVE-2025-24305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to...

2025.3 IPU, Intel®  Xeon® Processor Firmware Advisory

Summary: Potential security vulnerabilities in the Intel® Xeon® Processors may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-20053 Description: Improper buffer restriction...

CVE-2025-24305

Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...

DEBIAN-CVE-2025-24305

Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...

ALPINE-CVE-2025-24305

Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24305

Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...

UBUNTU-CVE-2025-24305

Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24305

Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24305

CVE-2025-24305 concerns insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware on some Intel Xeon processors, potentially allowing privilege escalation via local access. Connected sources consistently reference Intel microcode updates as the remediation path. De...

libtpms: Libtpms Out-of-Bounds Read Vulnerability

A flaw was found in libtpms. A heap buffer overflow can occur in the tpmsparsepssh function when parsing a malformed Public Signature Key Exchange PSK structure. A local attacker can trigger this overflow by providing a crafted PSK structure to the library. This can lead to a denial of service or...

UBUNTU-CVE-2021-3623

A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to...