In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime…

In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs. Zafiyet ile ilgili Genel…

In Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable. Zafiyet ile ilgili Genel Bilgi, Etki ve…

A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads…

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and…

A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if…

A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously…

The Web Server component of TIBCO Software Inc.’s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access…

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 – 3.5.5, 3.7.0 – 3.7.2, and older unsupported versions,…

The Web Server component of TIBCO Software Inc.’s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to…