VYPR
Vendor

Tm Software

Products
4
CVEs
6
Across products
7
Status
Private

Products

4

Recent CVEs

6
  • CVE-2024-29039CriJun 28, 2024
    risk 0.52cvss 9.0epss 0.01

    tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and…

  • CVE-2020-24455MedFeb 26, 2021
    risk 0.44cvss 6.7epss 0.01

    Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3.

  • CVE-2024-29040MedJun 28, 2024
    risk 0.21cvss 4.3epss 0.00

    This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this…

  • CVE-2024-29038MedJun 28, 2024
    risk 0.21cvss 4.3epss 0.00

    tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.

  • CVE-2023-22745MedJan 19, 2023
    risk 0.00cvss 6.4epss 0.01

    tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an…

  • CVE-2012-2927May 22, 2012
    risk 0.00cvss epss 0.01

    The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote authenticated users to cause a denial of service (resource consumption) via…