Filter

Yubico Yubihsm 2 Software Development KitThe Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properl…

7.8
First published (updated )

Yubico libu2f-hostIn devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitializ…

7.5
First published (updated )

Yubico Yubihsm 2 SdkThe PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of spec…

7.5
First published (updated )

Yubico Yubikey 5c Nfc FirmwareYubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware befor…

First published (updated )

Debian Debian LinuxInput Validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Yubico ykneo-openpgpYubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powere…

8.8
First published (updated )

debian/libu2f-hostBuffer Overflow

First published (updated )

Yubico Piv ManagerLast updated 24 July 2024

First published (updated )

Yubico Piv ManagerBuffer Overflow

7.2
First published (updated )

Yubico Yubico PamInfoleak

8.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Yubico pam-u2fYubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_k…

7.5
First published (updated )

Yubico pam-u2fIn Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_f…

8.1
First published (updated )

Yubico yubihsm-shellAn issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The func…

7.5
First published (updated )

Yubico yubihsm-shellInput Validation

7.5
First published (updated )

Yubico Yubikey 5 Nfc FirmwareA PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. OpenPGP has thre…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Yubico Yubikey 5 Nfc FirmwareAn information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1…

First published (updated )

Yubico libykpivAn issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free()…

First published (updated )

Yubico libykpivAn issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library (which is includ…

First published (updated )

Yubico Yubikey One Time Password Validation ServerSQL Injection

7.5
First published (updated )

Yubico Yubikey One Time Password Validation ServerThe sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP.…

8.6
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Yubico yubihsm-shellInteger Overflow

First published (updated )

Fedoraproject FedoraYubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the a…

First published (updated )

Yubico Yubihsm ConnectorAn issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.…

7.5
First published (updated )

Yubico yubihsm-shellAn issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. Th…

First published (updated )

Ftsafe K13An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrol…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Yubico OTPIncorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Y…

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203