508 matches found
EUVD-2023-25645
Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data...
CVE-2026-20829 TPM Trustlet Information Disclosure Vulnerability
...
CVE-2026-20829
CVE-2026-20829 is a TPM Trustlet Information Disclosure vulnerability in Windows TPM: an out-of-bounds read can allow an authorized, local attacker to disclose information. The linked Nessus/NVD/CIRCL entries confirm Windows TPM involvement and a local attack vector with low privileges. Microsoft...
CVE-2026-20829 TPM Trustlet Information Disclosure Vulnerability
...
TPM Trustlet Information Disclosure Vulnerability
Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally...
CVE-2018-21074
An issue was discovered on Samsung mobile devices with M6.x Exynos or Qualcomm chipsets software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 April 2018...
CVE-2017-18655
An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 August 2017...
CVE-2017-18657
An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 August 2017...
CVE-2017-18656
An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 August 2017...
CVE-2019-20544
An issue was discovered on Samsung mobile devices with O8.x and P9.0 Exynos chipsets software. There is an out-of-bounds write in the ICCC Trustlet. The Samsung ID is SVE-2019-15274 November 2019...
CVE-2019-20562
An issue was discovered on Samsung mobile devices with P9.0 with TEEGRIS software. There is a buffer overflow in the BIOSUB Trustlet. The Samsung ID is SVE-2019-15264 October 2019...
CVE-2019-20607
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ...
CVE-2019-20610
An issue was discovered on Samsung mobile devices with N7.X and O8.X Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 April 2019...
CVE-2019-20560
An issue was discovered on Samsung mobile devices with O8.x and P9.0 with TEEGRIS software. The BIOSUB Trustlet has an out of bounds write. The Samsung ID is SVE-2019-15261 October 2019...
CVE-2019-20586
An issue was discovered on Samsung mobile devices with O8.1 and P9.0 with TEEGRIS software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 August 2019...
CVE-2019-20602
An issue was discovered on Samsung mobile devices with N7.x, O8.0, and P9.0 Qualcomm chipsets software. The Authnr Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13949 May 2019...
CVE-2019-20563
An issue was discovered on Samsung mobile devices with O8.x and P9.0 with TEEGRIS software. The SECFR trustlet has an out of bounds write. The Samsung ID is SVE-2019-15272 October 2019...
CVE-2019-20590
An issue was discovered on Samsung mobile devices with O8.x Qualcomm chipsets software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 July 2019...
CVE-2020-10836
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 February 2020...
CVE-2025-21072
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...