Lucene search
K

518 matches found

NVD
NVD
added 2026/04/10 5:17 p.m.11 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00181EPSS
Exploits0References4
CVE
CVE
added 2026/04/10 4:34 p.m.18 views

CVE-2026-40097

CVE-2026-40097 affects Step CA (online CA for secure, automated certificate management). From version 0.24.0 up to before 0.30.0-rc3, an attacker can trigger an index-out-of-bounds panic during TPM device attestation by sending a crafted attestation key certificate with an empty EKU extension. Sp...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/10 4:34 p.m.34 views

CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00181EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:34 p.m.7 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References5Affected Software1
Packet Storm News
Packet Storm News
added 2026/03/25 12:0 a.m.3 views

Towards Remote Attestation of Microarchitectural Attacks: The Case of Rowhammer

Microarchitectural vulnerabilities increasingly undermine the assumption that hardware can be treated as a reliable root of trust. Prevention mechanisms often lag behind evolving attack techniques, leaving deployed systems unable to assume continued trustworthiness. We propose a shift from...

5.8AI score
Exploits0
NVD
NVD
added 2026/03/18 6:16 a.m.9 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS0.0014EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:14 a.m.4 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/18 5:14 a.m.9 views

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/16 4:26 p.m.3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insufficient policy enforcement in the Trusted Platform Module TPM during the disk decryption process. An attacker can gain unauthorized access to encrypted data by physically replacing the ro...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/16 4:26 p.m.3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insufficient policy enforcement in the Trusted Platform Module TPM during the disk decryption process. An attacker can gain unauthorized access to encrypted data by physically replacing the ro...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/16 4:26 p.m.10 views

IncusOS has a LUKS encryption bypass due to insufficient TPM policy

The default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel UKI boot image. That's...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25845

Name of the Vulnerable Software and Affected Versions IncusOS versions prior to 202603142010 Description The default configuration of systemd-cryptenroll, as used by IncusOS through mkosi, allows an attacker with physical access to the machine to access encrypted data without requiring interactio...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References10
Fedora
Fedora
added 2026/03/07 12:31 a.m.8 views

[SECURITY] Fedora 44 Update: keylime-7.14.1-1.fc44

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

9.8CVSS5.8AI score0.05431EPSS
Exploits0
Fedora
Fedora
added 2026/03/04 12:56 a.m.9 views

[SECURITY] Fedora 43 Update: keylime-7.14.1-1.fc43

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

9.8CVSS6AI score0.05431EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/16 2:36 p.m.5 views

GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution

A flaw was found in GnuPG. This vulnerability, a stack-based buffer overflow, occurs in the tpm2daemon component when processing PKDECRYPT commands for cryptographic keys secured by a Trusted Platform Module TPM. A local attacker could exploit this to execute unauthorized code, potentially gainin...

8.4CVSS6.2AI score0.00421EPSS
Exploits1References6
OSV
OSV
added 2026/02/13 1:14 p.m.6 views

OESA-2026-1336 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: In GnuP...

8.4CVSS6.1AI score0.00421EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.3 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gpg2 (SUSE-SU-2026:0434-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0434-1 advisory. Security fixes: - CVE-2026-24882: Fixed stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA...

8.4CVSS6.1AI score0.00421EPSS
Exploits1References5
OSV
OSV
added 2026/02/11 9:23 a.m.3 views

SUSE-SU-2026:0434-1 Security update for gpg2

This update for gpg2 fixes the following issues: Security fixes: - CVE-2026-24882: Fixed stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396 - Fixed GnuPG accepting Path Separators and Path Traversals in Literal Data 'Filename' Field bsc1256389...

8.4CVSS6.2AI score0.00421EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/02/09 9:44 a.m.9 views

keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security TLS authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...

9.8CVSS5.7AI score0.05431EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/02/09 2:49 a.m.3 views

keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security TLS authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...

9.8CVSS5.7AI score0.05431EPSS
Exploits0References4
Rows per page
Query Builder