Lucene search
+L

548 matches found

RedhatCVE
RedhatCVE
added 2026/04/13 5:35 p.m.4 views

CVE-2026-40097

A flaw was found in Step CA, an online certificate authority. A remote attacker can trigger a Denial of Service DoS by sending a specially crafted attestation key AK certificate with an empty Extended Key Usage EKU extension during Trusted Platform Module TPM device attestation. This causes an...

3.7CVSS5.7AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2026/04/10 8:18 p.m.19 views

GHSA-9QQ8-CGCV-QMC9 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Summary An attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension during TPM device attestation. Details When processing a device-attest-01 ACME challenge using TPM attestation, Step CA...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References6
NVD
NVD
added 2026/04/10 5:17 p.m.11 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00181EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/10 4:34 p.m.34 views

CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00181EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:34 p.m.7 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/10 4:34 p.m.19 views

CVE-2026-40097

CVE-2026-40097 affects Step CA (online CA for secure, automated certificate management). From version 0.24.0 up to before 0.30.0-rc3, an attacker can trigger an index-out-of-bounds panic during TPM device attestation by sending a crafted attestation key certificate with an empty EKU extension. Sp...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/10 4:34 p.m.2 views

CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS6AI score0.00181EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/03/28 12:27 a.m.6 views

SUSE CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/03/25 12:0 a.m.3 views

Towards Remote Attestation of Microarchitectural Attacks: The Case of Rowhammer

Microarchitectural vulnerabilities increasingly undermine the assumption that hardware can be treated as a reliable root of trust. Prevention mechanisms often lag behind evolving attack techniques, leaving deployed systems unable to assume continued trustworthiness. We propose a shift from...

5.8AI score
Exploits0
NVD
NVD
added 2026/03/18 6:16 a.m.9 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS0.0014EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:14 a.m.4 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/18 5:14 a.m.10 views

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/16 4:26 p.m.3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insufficient policy enforcement in the Trusted Platform Module TPM during the disk decryption process. An attacker can gain unauthorized access to encrypted data by physically replacing the ro...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/16 4:26 p.m.3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insufficient policy enforcement in the Trusted Platform Module TPM during the disk decryption process. An attacker can gain unauthorized access to encrypted data by physically replacing the ro...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/03/16 4:26 p.m.5 views

GHSA-WJ2J-QWCF-CFCC IncusOS has a LUKS encryption bypass due to insufficient TPM policy

The default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel UKI boot image. That's...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/03/16 4:26 p.m.10 views

IncusOS has a LUKS encryption bypass due to insufficient TPM policy

The default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel UKI boot image. That's...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25845

Name of the Vulnerable Software and Affected Versions IncusOS versions prior to 202603142010 Description The default configuration of systemd-cryptenroll, as used by IncusOS through mkosi, allows an attacker with physical access to the machine to access encrypted data without requiring interactio...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References10
Fedora
Fedora
added 2026/03/07 12:31 a.m.8 views

[SECURITY] Fedora 44 Update: keylime-7.14.1-1.fc44

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

9.8CVSS5.8AI score0.05431EPSS
Exploits0
Fedora
Fedora
added 2026/03/04 12:56 a.m.9 views

[SECURITY] Fedora 43 Update: keylime-7.14.1-1.fc43

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

9.8CVSS6AI score0.05431EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/16 2:36 p.m.5 views

GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution

A flaw was found in GnuPG. This vulnerability, a stack-based buffer overflow, occurs in the tpm2daemon component when processing PKDECRYPT commands for cryptographic keys secured by a Trusted Platform Module TPM. A local attacker could exploit this to execute unauthorized code, potentially gainin...

8.4CVSS6.2AI score0.00421EPSS
Exploits1References6
Rows per page
Query Builder