Lucene search
+L

548 matches found

Microsoft KB
Microsoft KB
added 2018/04/17 12:0 a.m.6 views

April 17, 2018—KB4093117 (OS Build 15063.1058)

None None...

6.1AI score
Exploits0
ICS
ICS
added 2018/02/27 12:0 a.m.91 views

Siemens SIMATIC Industrial PCs

CVSS v3 5.9 ATTENTION: Remotely exploitable Vendor: Siemens Equipment: SIMATIC Industrial PCs Vulnerability: Cryptographic Issues AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of SIMATIC Industrial PCs using a version of Infineon’s Trusted Platform Module...

5.9CVSS6.5AI score0.09825EPSS
Exploits0References36
OSV
OSV
added 2017/11/24 3:17 p.m.4 views

SUSE-SU-2017:3090-1 Recommended update for tboot

This update for tboot fixes the following issues: Security issue fixed: - CVE-2017-16837: Certain function pointers in Trusted Boot tboot through 1.9.6 are notvalidated and can cause arbitrary code execution, which allows local users tooverwrite dynamic PCRs of Trusted Platform Module TPM by h...

7.8CVSS7.7AI score0.00417EPSS
Exploits0References4
CNVD
CNVD
added 2017/11/21 12:0 a.m.33 views

Trusted Boot Arbitrary Code Execution Vulnerability

Trusted Boot tboot is an open source pre-kernel/vmm module that supports booting OS kernels/VMMs after measurement and determination utilizing Intel TXT technology. An arbitrary code execution vulnerability exists in Boot 1.9.6 and earlier versions, which stems from a program's failure to validat...

7.8CVSS7.5AI score0.00417EPSS
Exploits0References1
Broadcom
Broadcom
added 2017/11/17 12:0 a.m.11 views

BSA-2017-474

Security Advisory ID : BSA-2017-474 Component : Infineon RSA Library Revision : 2.0: Final The Infineon RSA library version 1.02.013 in Infineon Trusted Platform Module TPM firmware mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection...

5.9CVSS6.7AI score0.09825EPSS
Exploits0
OSV
OSV
added 2017/11/16 2:29 a.m.3 views

CVE-2017-16837

Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...

7.8CVSS6AI score0.00417EPSS
Exploits0References2
Prion
Prion
added 2017/11/16 2:29 a.m.27 views

Code injection

Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...

4.6CVSS7.5AI score0.00417EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/11/16 2:29 a.m.6 views

UBUNTU-CVE-2017-16837

Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...

7.8CVSS7AI score0.00417EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/11/16 2:0 a.m.55 views

CVE-2017-16837

Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...

7.8CVSS6.6AI score0.00417EPSS
Exploits0
Cvelist
Cvelist
added 2017/11/16 2:0 a.m.26 views

CVE-2017-16837

Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...

7.5AI score0.00417EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/15 12:0 a.m.86 views

Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4048959)

This host is missing an important security update according to Microsoft KB4048959 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.3CVSS6.8AI score0.47913EPSS
Exploits7References21
OpenVAS
OpenVAS
added 2017/11/15 12:0 a.m.50 views

Microsoft Windows Multiple Vulnerabilities (KB4048952)

This host is missing a critical security update according to Microsoft KB4048952 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.69802EPSS
Exploits28References31
Microsoft KB
Microsoft KB
added 2017/11/14 8:0 a.m.63 views

November 14, 2017—KB4048956 (OS Build 10240.17673)

None None...

9.3CVSS6.8AI score0.62359EPSS
Exploits24
CNVD
CNVD
added 2017/10/19 12:0 a.m.10 views

Juniper SRX300 Series Trusted Platform Module Firmware Information Disclosure Vulnerability

The Juniper SRX300 Series is a firewall product from Juniper Networks, Inc.The Trusted Platform Module TPM is one of the test platform modules. A security vulnerability exists in the TPM firmware version 4.40 in the Juniper SRX300 Series in the process of generating encryption keys. An attacker...

4.4CVSS4.9AI score0.00319EPSS
Exploits0References1
HPE Security Bulletins
HPE Security Bulletins
added 2017/10/16 12:0 a.m.5 views

HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data

Potential Security Impact: Local: Unauthorized Access to Data; Remote: Unauthorized Access to Data SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Trusted Platform Module 2.0 Kit FW 5.51 - TPM 2.0 FW 5.62 is not affected. This is the Gen9 TPM 2.0 option only Gen9 servers could...

7.4CVSS6.7AI score0.09825EPSS
Exploits0
OSV
OSV
added 2017/10/13 5:29 p.m.5 views

CVE-2017-10606

Version 4.40 of the TPM Trusted Platform Module firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. The TPM is used in the SRX300 Series to encrypt sensitive configuration...

4.4CVSS5.8AI score0.00319EPSS
Exploits0References1
Citrix
Citrix
added 2017/09/28 12:0 a.m.9 views

Bitlocker Device Policy

Windows 10 Enterprise includes a disk encryption feature called BitLocker, which provides extra file and system protections against unauthorized access of a lost or stolen device. For more protection, you can use BitLocker with Trusted Platform Module TPM chips, version 1.2 or later. A TPM chip...

7.2AI score
Exploits0
CNVD
CNVD
added 2017/06/30 12:0 a.m.7 views

tpm2-tools Authentication Authorization Vulnerability

tpm2-tools is a toolkit for monitoring trusted platform modules in Linux. A security vulnerability exists in versions of tpm2-tools prior to 1.1.1, which stems from the program passing passwords from the client to the server in plaintext. An attacker could exploit the vulnerability to obtain...

7.5CVSS6.8AI score0.01242EPSS
Exploits0References1
FireEye
FireEye
added 2016/11/09 8:0 a.m.17 views

Extending Linux Executable Logging With The Integrity Measurement Architecture

Gaining insight into the files being executed on your system is a great first step towards improved visibility on your endpoints. Taking this a step further, centrally storing logs of file execution data so they can be used for detection and hunting provides an excellent opportunity to find evil ...

7AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2014/04/03 11:36 a.m.13 views

DoD DIACAP transition to RMF approved

Welcome DIARMF! This has been a long time coming. From DITSCAP to DIACAP and now to DIARMF the Department of Defense approved the transition to a Risk Management Framework RMF approach developed by NIST on March 12. What does this mean for Information Systems and Platform Information Technology...

1.9AI score
Exploits0
Rows per page
Query Builder