10 matches found
CVE-2025-49010
A flaw was found in OpenSC, an open source smart card tools and middleware. An attacker with physical access to the computer, at the time a user or administrator uses a token, can exploit this vulnerability. By presenting specially crafted responses to Application Protocol Data Units APDUs from a...
Siemens SIMATIC Devices Use After Free (CVE-2024-26898)
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmdcfgpkts. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
RHEL 8 : 8.2_libtpms (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: out-of-bounds access via specially crafted TPM 2 command packets CVE-2021-3746 - A stack...
Denial Of Service (DoS)
libtpms is vulnerable to denial of service. The vulnerability exists due lack of sanitization of command packets which leads to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read allowing an attacker to crash the system by injecting maliciously...
DEBIAN-CVE-2021-3623
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to...
Updated libtpms/swtpm packages fix security vulnerability
CryptSym: fix AES output IV CVE-2021-3505. Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer CVE-2021-3623 Restore original value in buffer if unmarshalled one was illegal Fixed out-of-bounds access...
SUSE-SU-2021:3004-2 Security update for libtpms
This update for libtpms fixes the following issues: - CVE-2021-3746: Fixed out-of-bounds access via specially crafted TPM 2 command packets bsc1189935...
SUSE-SU-2021:3004-1 Security update for libtpms
This update for libtpms fixes the following issues: - CVE-2021-3746: Fixed out-of-bounds access via specially crafted TPM 2 command packets bsc1189935...
Security update for libtpms (important)
openSUSE Security Update: Security update for libtpms Announcement ID: openSUSE-SU-2021:3004-1 Rating: important References: 1189935 Cross-References: CVE-2021-3746 CVSS scores: CVE-2021-3746 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An update th...
Oracle MySQL Database IN and CASE NULL Argument Denial of Service
MySQL is a popular open-source implementation of a relational database that supports the Structured Query Language SQL for querying and updating stored data. A denial of service vulnerability has been reported in Oracle MySQL database server. The vulnerability is due to an error while handling IN...