Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arm vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-43701
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.
Arm Mbed Studio
Arm Keil Mdk
Arm Gnu Toolchain
Arm Fast Models
Arm Arm Mobile Studio
Arm Linaro Forge
Arm Arm Development Studio
Arm Arm Compiler For Functional Safety 6.6
Arm Arm Compiler For Embedded Fusa 6.16
Arm Arm Compiler
Arm Ds Development Studio
4.7
CVSSv3
CVE-2022-25368
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause ...
Amperecomputing Ampere Altra Max Firmware -
Amperecomputing Ampere Altra Firmware -
Arm Neoverse-e1 Firmware -
Arm Neoverse-v1 Firmware -
Arm Cortex-a57 Firmware -
Arm Cortex-a65 Firmware -
Arm Cortex-a65ae Firmware -
Arm Cortex-a72 Firmware -
Arm Cortex-a73 Firmware -
Arm Cortex-a75 Firmware -
Arm Cortex-a76 Firmware -
Arm Cortex-a76ae Firmware -
Arm Cortex-a77 Firmware -
Arm Cortex-a78 Firmware -
Arm Cortex-a78ae Firmware -
Arm Cortex-a78c Firmware -
Arm Cortex-x1 Firmware -
Arm Cortex-x2 Firmware -
Arm Cortex-a710 Firmware -
Arm Cortex-a15 Firmware -
Arm Neoverse N1 Firmware -
Arm Neoverse N2 Firmware -
7.8
CVSSv3
CVE-2022-43702
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.
Arm Fast Models
Arm Arm Development Studio
Arm Arm Compiler For Embedded Fusa 6.16
Arm Arm Compiler
Arm Arm Compiler For Functional Safety
Arm Ds Development Studio
5.6
CVSSv3
CVE-2022-23960
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th...
Xen Xen -
Arm Cortex-r7 Firmware -
Arm Cortex-r8 Firmware -
Arm Cortex-a57 Firmware -
Arm Cortex-a65 Firmware -
Arm Cortex-a65ae Firmware -
Arm Cortex-a710 Firmware -
Arm Cortex-a72 Firmware -
Arm Cortex-a73 Firmware -
Arm Cortex-a75 Firmware -
Arm Cortex-a76 Firmware -
Arm Cortex-a76ae Firmware -
Arm Cortex-a77 Firmware -
Arm Cortex-a78 Firmware -
Arm Cortex-a78ae Firmware -
Arm Cortex-x1 Firmware -
Arm Cortex-x2 Firmware -
Arm Neoverse-e1 Firmware -
Arm Neoverse-v1 Firmware -
Arm Neoverse N1 Firmware -
Arm Neoverse N2 Firmware -
Debian Debian Linux 9.0
2 Articles
7.5
CVSSv3
CVE-2022-48251
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or rel...
Arm Cortex-a53 Firmware -
Arm Cortex-a55 Firmware -
Arm Cortex-a57 Firmware -
Arm Cortex-a72 Firmware -
Arm Cortex-a73 Firmware -
Arm Cortex-a75 Firmware -
Arm Cortex-a76 Firmware -
Arm Cortex-a76ae Firmware -
Arm Cortex-a77 Firmware -
Arm Cortex-a78 Firmware -
7.8
CVSSv3
CVE-2020-24658
Arm Compiler 5 up to and including 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in ...
Arm Arm Compiler
Arm Arm Compiler 5.06
8.1
CVSSv3
CVE-2017-14032
ARM mbed TLS prior to 1.3.21 and 2.x prior to 2.1.9, if optional authentication is configured, allows remote malicious users to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases ...
Arm Mbed Tls 1.3.12
Arm Mbed Tls 1.3.13
Arm Mbed Tls 1.3.21
Arm Mbed Tls 2.1.9
Arm Mbed Tls 1.3.10
Arm Mbed Tls 1.3.11
Arm Mbed Tls 1.3.18
Arm Mbed Tls 1.3.19
Arm Mbed Tls 2.4.2
Arm Mbed Tls 2.5.1
Arm Mbed Tls 2.1.2
Arm Mbed Tls 2.1.3
Arm Mbed Tls 2.6.2
Arm Mbed Tls 2.1.7
Arm Mbed Tls 2.1.4
Arm Mbed Tls 2.1.5
Arm Mbed Tls 1.3.16
Arm Mbed Tls 1.3.17
Arm Mbed Tls 2.3.0
Arm Mbed Tls 2.4.0
Arm Mbed Tls 2.1.0
Arm Mbed Tls 2.1.1
6.5
CVSSv3
CVE-2022-36449
An issue exists in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 throu...
Arm Valhall R39p0
Arm Valhall
Arm Bifrost R39p0
Arm Bifrost
Arm Midgard
8.1
CVSSv3
CVE-2017-2784
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS prior to 1.3.19, 2.x prior to 2.1.7, and 2.4.x prior to 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a st...
Arm Mbed Tls 2.1.4
Arm Mbed Tls 2.1.5
Arm Mbed Tls 2.1.6
Arm Mbed Tls 2.1.2
Arm Mbed Tls 2.1.3
Arm Mbed Tls 2.4.0
Arm Mbed Tls 2.0.0
Arm Mbed Tls
Arm Mbed Tls 2.1.0
Arm Mbed Tls 2.1.1
7.8
CVSSv3
CVE-2022-22706
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.
Arm Bifrost
Arm Valhall
Arm Midgard
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »