Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

OSV
OSVadded 2024/06/28 4:15 p.m.0 views

UBUNTU-CVE-2024-29039

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS5.7AI score0.01708EPSS
Exploits1References3
CVE
CVEadded 2024/06/28 3:48 p.m.79 views

CVE-2024-29039

CVE-2024-29039 affects the tpm2-tools package (TPM 2.0 tools). The vulnerability arises when an attacker manipulates the TPML_PCR_SELECTION in the PCR input file, causing tpm2_checkquote to mis-map digest values to wrong PCR slots/banks and thereby present a misleading TPM state. Affected version...

9CVSS6.5AI score0.01708EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2024/06/28 3:48 p.m.7 views

CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS6.7AI score0.01708EPSS
Exploits1References6
Veracode
Veracodeadded 2024/05/15 8:41 a.m.18 views

Improper Digest Validation

github.com/containers/image is vulnerable to Improper Digest Validation. The vulnerability is due to improper validation of digest values, which allows an attacker to trigger authenticated registry accesses when pulling untrusted images...

8.3CVSS6.8AI score0.00681EPSS
Exploits0References44Affected Software4
Rows per page
Query Builder