78 matches found
Yubico YubiKey Manager Installed (Windows)
Binary data yubicoyubikeymanagerwininstalled.nbin...
Linux Distros Unpatched Vulnerability : CVE-2021-31924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issu...
PT-2025-14572 · Yubico · Yubikey
Name of the Vulnerable Software and Affected Versions: Yubico YubiKey versions 5.4.1 through 5.7.3 Description: The issue is related to an incorrect implementation of the FIDO CTAP PIN/UV 2 authentication protocol. Specifically, it uses the signature length from the CTAP PIN/UV 1 protocol, even...
YubiKey Side-Channel Attack
There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. Its a complicated attack, requiring the victims username and password, and physical access to their YubiKey--as well as some technical expertise and equipment. Still, nice piece of security analysi...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
CVE-2024-45678
The CVE-2024-45678 EYCL EAK issue affects Yubico YubiKey 5 Series firmware < 5.7.0 and YubiHSM 2 firmware
Fedora: Security Advisory for rust-ybaas (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-yubibomb (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: rust-ybaas-0.0.17-3.fc39
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Don't want the complexity of installing and using the yubibomb...
[SECURITY] Fedora 39 Update: rust-yubibomb-0.2.14-3.fc39
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Now you can!...
CVE-2024-35311
Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access Control...
Fedora: Security Advisory for rust-ybaas (FEDORA-2024-ce2936b568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: rust-ybaas-0.0.17-3.fc40
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Don't want the complexity of installing and using the yubibomb...
[SECURITY] Fedora 40 Update: rust-yubibomb-0.2.14-3.fc40
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Now you can!...
Security Advisory YSA-2024-03 | Yubico
A vulnerability was discovered in Infineon’s cryptographic library, which is utilized in YubiKey 5 Series, and Security Key Series with firmware prior to 5.7.0 and YubiHSM 2 with firmware prior to 2.4.0. The severity of the issue in Yubico devices is moderate. An attacker could exploit this issue...
PINs for Cryptography with Hardware Secure Elements
I’m a big fan of technologies that enable otherwise impossible security properties and user experiences, like cryptography often can. One such technology is hardware secure elements. Here’s a thing you can’t do with cryptography: encrypt data securely with a low-entropy secret, like a PIN. If a...
Security Advisory YSA-2024-02 | Yubico
To address a low severity privacy issue, Yubico has released updated firmware for YubiKey 5 Series, Security Key Series, and YubiKey Bio Series. The YubiKey CSPN Series and YubiKey 5 FIPS series are also affected. The YubiKey 5 FIPS series will receive this privacy update in the next release of...
[SECURITY] Fedora 37 Update: rust-ybaas-0.0.16-1.fc37
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Don't want the complexity of installing and using the yubibomb...
Fedora: Security Advisory for rust-ybaas (FEDORA-2023-37ae269843)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: rust-ybaas-0.0.10-7.fc38
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Don't want the complexity of installing and using the yubibomb...