Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google asylo vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-8936
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an malicious user to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an address within the enc...
Google Asylo
2.1
CVSSv2
CVE-2020-8937
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an malicious user to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. This allo...
Google Asylo
2.1
CVSSv2
CVE-2020-8939
An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4
Google Asylo
2.1
CVSSv2
CVE-2020-8940
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to enc_untrusted_recvmsg using an attacker controlled result parameter. The parameter size is unchecked allowing the malicious user to read memory locations outs...
Google Asylo
2.1
CVSSv2
CVE-2020-8938
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an malicious user to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which allows an malicious user to write memory values from within the enclave. We ...
Google Asylo
5.5
CVSSv2
CVE-2020-8904
An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions before 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location ...
Google Asylo
2.1
CVSSv2
CVE-2020-8941
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to enc_untrusted_inet_pton using an attacker controlled klinux_addr_buffer parameter. The parameter size is unchecked allowing the malicious user to read memory ...
Google Asylo
2.1
CVSSv2
CVE-2020-8942
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to enc_untrusted_read whose return size was not validated against the requrested size. The parameter size is unchecked allowing the malicious user to read memory...
Google Asylo
2.1
CVSSv2
CVE-2020-8943
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to enc_untrusted_recvfrom whose return size was not validated against the requested size. The parameter size is unchecked allowing the malicious user to read mem...
Google Asylo
2.1
CVSSv2
CVE-2020-8944
An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to ecall_restore using the attribute output which fails to check the range of a pointer. An attacker can use this pointer to write to arbitrary memory addresses...
Google Asylo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »