Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arm vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2021-29256
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 throu...
Arm Bifrost
Arm Midgard
Arm Valhall
188
VMScore
CVE-2020-13844
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
Arm Cortex-a32 Firmware -
Arm Cortex-a35 Firmware -
Arm Cortex-a53 Firmware -
Arm Cortex-a57 Firmware -
Arm Cortex-a72 Firmware -
Arm Cortex-a73 Firmware -
Arm Cortex-a34 Firmware -
Opensuse Leap 15.1
Opensuse Leap 15.2
320
VMScore
CVE-2021-35465
Certain Arm products prior to 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p...
Arm Cortex-m33 Firmware
Arm Cortex-m35p Firmware R0
Arm Cortex-m55 Firmware
Arm China Star-mc1 Firmware -
NA
CVE-2023-4211
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Arm 5th Gen Gpu Architecture Kernel Driver
Arm Midgard
Arm Bifrost
Arm Valhall
NA
CVE-2022-43703
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.
Arm Arm Development Studio
Arm Ds Development Studio
383
VMScore
CVE-2016-10319
In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other firm...
Arm Trusted Firmware Project Arm Trusted Firmware 1.3
Arm Trusted Firmware Project Arm Trusted Firmware 1.2
NA
CVE-2023-26083
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41...
Arm Midgard
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
Arm Avalon Gpu Kernel Driver
1 Github repository
605
VMScore
CVE-2017-7563
In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing malicious users to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).
Arm Arm Trusted Firmware
445
VMScore
CVE-2017-7564
In ARM Trusted Firmware up to and including 1.3, the secure self-hosted invasive debug interface allows normal world malicious users to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.
Arm Arm Trusted Firmware
445
VMScore
CVE-2017-15031
In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information.
Arm Arm-trusted-firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »