Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trusted platform module vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2020-36322
An issue exists in the FUSE filesystem implementation in the Linux kernel prior to 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its inc...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Starwindsoftware Starwind Virtual San 8
1 Github repository
3.6
CVSSv2
CVE-2020-26933
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 up to and including 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in su...
Trustedcomputinggroup Trusted Platform Module 2.0
2.1
CVSSv2
CVE-2020-5851
On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP m...
F5 Big-ip Local Traffic Manager 14.1.0.2.0.45.4
F5 Big-ip Local Traffic Manager 14.1.0.2.0.62.4
F5 Big-ip Advanced Firewall Manager 14.1.0.2.0.45.4
F5 Big-ip Advanced Firewall Manager 14.1.0.2.0.62.4
F5 Big-ip Application Acceleration Manager 14.1.0.2.0.45.4
F5 Big-ip Application Acceleration Manager 14.1.0.2.0.62.4
F5 Big-ip Analytics 14.1.0.2.0.45.4
F5 Big-ip Analytics 14.1.0.2.0.62.4
F5 Big-ip Access Policy Manager 14.1.0.2.0.45.4
F5 Big-ip Access Policy Manager 14.1.0.2.0.62.4
F5 Big-ip Application Security Manager 14.1.0.2.0.45.4
F5 Big-ip Application Security Manager 14.1.0.2.0.62.4
F5 Big-ip Edge Gateway 14.1.0.2.0.45.4
F5 Big-ip Edge Gateway 14.1.0.2.0.62.4
F5 Big-ip Fraud Protection Service 14.1.0.2.0.45.4
F5 Big-ip Fraud Protection Service 14.1.0.2.0.62.4
F5 Big-ip Global Traffic Manager 14.1.0.2.0.45.4
F5 Big-ip Global Traffic Manager 14.1.0.2.0.62.4
F5 Big-ip Link Controller 14.1.0.2.0.45.4
F5 Big-ip Link Controller 14.1.0.2.0.62.4
F5 Big-ip Policy Enforcement Manager 14.1.0.2.0.45.4
F5 Big-ip Policy Enforcement Manager 14.1.0.2.0.62.4
4.3
CVSSv2
CVE-2019-11090
Cryptographic timing conditions in the subsystem for Intel(R) PTT prior to 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS prior to SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.08...
Intel Platform Trust Technology Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
1 Github repository
1 Article
4.3
CVSSv2
CVE-2019-16863
STMicroelectronics ST33TPHF2ESPI TPM devices prior to 2019-09-12 allow malicious users to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.
St St33tphf2espi Firmware 71.0
St St33tphf2espi Firmware 71.4
St St33tphf2espi Firmware 71.12
St St33tphf2espi Firmware 73.0
St St33tphf2espi Firmware 73.4
St St33tphf2espi Firmware 73.8
St St33tphf2ei2c Firmware 73.5
St St33tphf2ei2c Firmware 73.9
St St33tphf20spi Firmware 74.0
St St33tphf20spi Firmware 74.4
St St33tphf20spi Firmware 74.8
St St33tphf20spi Firmware 74.16
St St33tphf20i2c Firmware 74.5
St St33tphf20i2c Firmware 74.9
1 Github repository
1 Article
7.8
CVSSv2
CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually writ...
Apple Swiftnio
Apache Traffic Server
Apache Http Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
1 Github repository
2.1
CVSSv2
CVE-2019-1589
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affe...
Cisco Nx-os 8.3\\(0\\)sk\\(0.39\\)
5
CVSSv2
CVE-2019-9636
Python 2.7.x up to and including 2.7.16 and 3.x up to and including 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given ...
Python Python
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.5
1 Article
3.6
CVSSv2
CVE-2018-6622
An issue exists that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 s...
Trustedcomputinggroup Trusted Platform Module 2.0
3 Github repositories
4.6
CVSSv2
CVE-2017-16837
Certain function pointers in Trusted Boot (tboot) up to and including 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
Trusted Boot Project Trusted Boot 1.9.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »