Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asylo vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-8935
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an malicious user to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. We recommend updating your library.
Google Asylo
5.5
CVSSv3
CVE-2020-8936
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an malicious user to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an address within the enc...
Google Asylo
5.5
CVSSv3
CVE-2020-8939
An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4
Google Asylo
5.5
CVSSv3
CVE-2020-8942
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to enc_untrusted_read whose return size was not validated against the requrested size. The parameter size is unchecked allowing the malicious user to read memory...
Google Asylo
5.5
CVSSv3
CVE-2020-8943
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted malicious user to make a call to enc_untrusted_recvfrom whose return size was not validated against the requested size. The parameter size is unchecked allowing the malicious user to read mem...
Google Asylo
7.8
CVSSv3
CVE-2021-22549
An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c
Google Asylo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2