CVE-2025-36238

IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures...

CVE-2025-36238 Power System Exposure of Sensitive System Information

IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures...

Security Bulletin: This Power System update is being released to address CVE-2025-36238

Summary If an attacker is able to gain system administrator access a Virtual TPM can be compromised through the use of a series of PowerVM service procedures. Vulnerability Details CVEID:CVE-2025-36238 DESCRIPTION: IBM PowerVM Hypervisor could allow a local user with administration privileges to...

EUVD-2023-40661

Malicious code in bioql PyPI...

OESA-2025-2261 libtpms security update

A library providing TPM functionality for VMs. Targeted for integration into Qemu. Security Fixes: Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by th...

PT-2025-24896

Name of the Vulnerable Software and Affected Versions TCG TPM2.0 versions affected versions not specified AMD Ryzen processors versions not specified Description The TCG TPM2.0 reference implementation's CryptHmacSign function contains a flaw due to a lack of validation between the signature sche...

CVE-2025-21284

Windows Virtual Trusted Platform Module Denial of Service Vulnerability...

CVE-2025-21284

Technical details about CVE-2025-21284 are not provided in the connected documents. Public references exist (NVD, CVE listings) but there are no specifics in these sources about affected products, root cause, impact details, or fixes; monitor for updates.

CVE-2025-21280

CVE-2025-21280 is a Windows Virtual Trusted Platform Module Denial of Service vulnerability. Connected documents identify the affected component as the Windows Virtual TPM and note an impact on availability. The NCSC advisory lists a CVSS v3.1 base score of 5.5 (LOCAL attack, LOW privileges requi...

CVE-2025-21280 Windows Virtual Trusted Platform Module Denial of Service Vulnerability

...

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

...

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

...

CVE-2023-36718

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability...

Denial of service

Windows Virtual Trusted Platform Module Denial of Service Vulnerability...

CVE-2023-36718 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

...

CVE-2023-36718 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

...

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

...

PT-2023-6060 · Microsoft · Virtual Trusted Platform Module +1

Name of the Vulnerable Software and Affected Versions: Microsoft Virtual Trusted Platform Module affected versions not specified Description: The issue is related to insufficient input validation in the virtual trusted platform module of Windows operating systems. This can be exploited by attacke...