Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

Tenable Nessus
Tenable Nessusadded 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-42229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be...

4.1CVSS6.8AI score0.00016EPSS
Exploits0References3
SUSE Linux
SUSE Linuxadded 2025/01/08 9:47 a.m.2 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413...

7.8CVSS8.3AI score0.18032EPSS
Exploits3References316
OSV
OSVadded 2024/10/21 1:53 p.m.1 views

CLSA-2024-1729518811 Fix of 15 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfiointxenable CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix rac...

7.8CVSS6.9AI score0.00051EPSS
Exploits0References1
OSV
OSVadded 2024/10/21 1:45 p.m.3 views

CLSA-2024-1729518310 Fix of 15 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfiointxenable CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix rac...

7.8CVSS6.9AI score0.00051EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2024/08/16 7:0 a.m.3 views

crypto: aeadcipher - zeroize key buffer after use

...

4.1CVSS7.3AI score0.00016EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2024/08/06 2:0 a.m.1 views

SUSE CVE-2024-42098

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize privatekey privatekey is overwritten with the key parameter passed in by the caller if present, or alternatively a newly generated private key. However, it is possible that the caller provides a...

5.5CVSS6.3AI score0.00015EPSS
Exploits0References17
SUSE CVE
SUSE CVEadded 2024/08/06 1:58 a.m.1 views

SUSE CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00016EPSS
Exploits0References17
RedhatCVE
RedhatCVEadded 2024/07/31 9:18 a.m.23 views

CVE-2024-42098

A flaw was found in the Linux Kernel's Elliptic Curve Diffie-Hellman functionality, where the privatekey is overwritten. In some special cases and when error path happens, this issue could allow leakage of this private key...

4.1CVSS8.2AI score0.00015EPSS
Exploits0References4
OSV
OSVadded 2024/07/30 8:15 a.m.6 views

AZL-47204 CVE-2024-42229 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00016EPSS
Exploits0References1
OSV
OSVadded 2024/07/30 8:15 a.m.1 views

AZL-47100 CVE-2024-42229 affecting package kernel for versions less than 5.15.164.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00016EPSS
Exploits0References1
OSV
OSVadded 2024/07/30 8:15 a.m.1 views

DEBIAN-CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS5.6AI score0.00016EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2024/07/30 8:15 a.m.14 views

CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00016EPSS
Exploits0References33
OSV
OSVadded 2024/07/30 8:15 a.m.0 views

UBUNTU-CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.3AI score0.00016EPSS
Exploits0References34
Debian CVE
Debian CVEadded 2024/07/30 7:47 a.m.16 views

CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS5.6AI score0.00016EPSS
Exploits0
CVE
CVEadded 2024/07/30 7:47 a.m.306 views

CVE-2024-42229

CVE-2024-42229 concerns a Linux kernel cryptography hardening issue in the AEAD/cipher path. The description states that after cryptographic operations, the key buffer must be zeroized, in line with I.G 9.7.B for FIPS 140-3 guidance. The fix involves zeroizing buffers that previously held private...

4.1CVSS6.6AI score0.00016EPSS
Exploits0References9Affected Software1
NVD
NVDadded 2024/07/29 6:15 p.m.14 views

CVE-2024-42098

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize privatekey privatekey is overwritten with the key parameter passed in by the caller if present, or alternatively a newly generated private key. However, it is possible that the caller provides a...

5.5CVSS0.00015EPSS
Exploits0References6
OSV
OSVadded 2024/07/29 6:15 p.m.0 views

DEBIAN-CVE-2024-42098

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize privatekey privatekey is overwritten with the key parameter passed in by the caller if present, or alternatively a newly generated private key. However, it is possible that the caller provides a...

5.5CVSS5.3AI score0.00015EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2024/07/29 6:15 p.m.11 views

CVE-2024-42098

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize privatekey privatekey is overwritten with the key parameter passed in by the caller if present, or alternatively a newly generated private key. However, it is possible that the caller provides a...

5.5CVSS6.3AI score0.00015EPSS
Exploits0References23
Cvelist
Cvelistadded 2024/07/29 5:39 p.m.23 views

CVE-2024-42098 crypto: ecdh - explicitly zeroize private_key

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize privatekey privatekey is overwritten with the key parameter passed in by the caller if present, or alternatively a newly generated private key. However, it is possible that the caller provides a...

0.00015EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2022/06/17 12:30 a.m.12 views

Duplicate Advisory: `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s

Duplicate Advisory This advisory is a duplicate of GHSA-c5hx-w945-j4pq. This link is preserved to maintain external references. Original Description Affected versions of this crate did not implement Drop when zeroizedrop was used on an enum. This can result in memory not being zeroed out after...

2.6AI score
Exploits0References3Affected Software1
Rows per page
Query Builder