Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arm vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-44331
ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise().
Arm Adaptive Scalable Texture Compression Encoder 3.2.0
5
CVSSv2
CVE-2020-36422
An issue exists in Arm Mbed TLS prior to 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.
Arm Mbed Tls
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-36423
An issue exists in Arm Mbed TLS prior to 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator.
Arm Mbed Tls
Debian Debian Linux 10.0
1.9
CVSSv2
CVE-2020-36424
An issue exists in Arm Mbed TLS prior to 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.
Arm Mbed Tls
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2020-36425
An issue exists in Arm Mbed TLS prior to 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.
Arm Mbed Tls
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-36426
An issue exists in Arm Mbed TLS prior to 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).
Arm Mbed Tls
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2021-43086
ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in "/Source/astcenc_c...
Arm Adaptive Scalable Texture Compression Encoder 3.2.0
NA
CVE-2022-46392
An issue exists in Mbed TLS prior to 2.28.2 and 3.x prior to 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim perform...
Arm Mbed Tls
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-46393
An issue exists in Mbed TLS prior to 2.28.2 and 3.x prior to 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
Arm Mbed Tls
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5
CVSSv2
CVE-2021-45451
In Mbed TLS prior to 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
Arm Mbed Tls
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »