EUVD-2025-17717

Malicious code in bioql PyPI...

CVE-2025-2884

TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0...

TPM Reference Implementation

CVE Details assigned by the TCG Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2025-2884| 6.6 Medium CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H| An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a read past the end of a...

CVE-2024-29039

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

MGASA-2023-0102 Updated libtpms packages fix security vulnerability

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...

CVE-2023-1018 TPM2.0 vulnerable to out-of-bounds read

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM...