Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-33317 |
|
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, mis...
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, missing checks in `entry_get_attribute_value()` in `ta/pkcs11/src/object.c` can lead to out-of-bounds...
|
| CVE-2026-34877 |
|
Vulnerability in arm (CVE-2026-34877)
vulnerability in arm (CVE-2026-34877). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34871 |
|
Vulnerability in arm (CVE-2026-34871)
vulnerability in arm (CVE-2026-34871). Confidential information can be exposed externally.
|
| CVE-2026-25835 |
|
Vulnerability in arm (CVE-2026-25835)
vulnerability in arm (CVE-2026-25835). Confidential information can be exposed externally.
|
| CVE-2025-27810 |
|
Vulnerability in arm (CVE-2025-27810)
vulnerability in arm (CVE-2025-27810). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-27809 |
|
Vulnerability in arm (CVE-2025-27809)
vulnerability in arm (CVE-2025-27809). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-28960 |
|
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
|
| CVE-2024-23775 |
|
Vulnerability in dos (CVE-2024-23775)
vulnerability in dos (CVE-2024-23775). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-23170 |
|
Vulnerability in arm (CVE-2024-23170)
vulnerability in arm (CVE-2024-23170). Confidential information can be exposed externally.
|
| CVE-2023-43615 |
|
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
|
| CVE-2021-36647 |
|
Vulnerability in c (CVE-2021-36647)
vulnerability in c (CVE-2021-36647). Confidential information can be exposed externally.
|
| CVE-2022-46393 |
|
Out-of-Bounds Read in arm (CVE-2022-46393)
vulnerability in arm (CVE-2022-46393). Successful exploitation can lead to full system takeover.
|
| CVE-2022-46392 |
|
Vulnerability in arm (CVE-2022-46392)
vulnerability in arm (CVE-2022-46392). Confidential information can be exposed externally.
|
| CVE-2022-35409 |
|
Out-of-Bounds Read in arm (CVE-2022-35409)
vulnerability in arm (CVE-2022-35409). Confidential information can be exposed externally.
|
| CVE-2021-44732 |
|
Vulnerability in arm (CVE-2021-44732)
vulnerability in arm (CVE-2021-44732). Successful exploitation can lead to full system takeover.
|
| CVE-2021-27562 KEV |
|
[KEV] Out-of-Bounds Write in Arm trusted-firmware (CVE-2021-27562)
out-of-bounds write in Arm trusted-firmware (CVE-2021-27562). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-10932 |
|
Vulnerability in arm (CVE-2020-10932)
vulnerability in arm (CVE-2020-10932). Confidential information can be exposed externally.
|
| CVE-2019-16910 |
|
Information Disclosure in arm (CVE-2019-16910)
vulnerability in arm (CVE-2019-16910). Confidential information can be exposed externally.
|
| CVE-2018-19608 |
|
Privilege Escalation in arm (CVE-2018-19608)
vulnerability in arm (CVE-2018-19608). Confidential information can be exposed externally.
|
| CVE-2018-9989 |
|
Out-of-Bounds Read in arm (CVE-2018-9989)
vulnerability in arm (CVE-2018-9989). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-9988 |
|
Out-of-Bounds Read in arm (CVE-2018-9988)
vulnerability in arm (CVE-2018-9988). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9607 |
|
Vulnerability in dos (CVE-2017-9607)
vulnerability in dos (CVE-2017-9607). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14032 |
|
Authentication Bypass in arm (CVE-2017-14032)
authentication bypass in arm (CVE-2017-14032). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7564 |
|
Vulnerability in dos (CVE-2017-7564)
vulnerability in dos (CVE-2017-7564). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7563 |
|
Vulnerability in arm (CVE-2017-7563)
vulnerability in arm (CVE-2017-7563). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2784 |
|
Vulnerability in arm (CVE-2017-2784)
vulnerability in arm (CVE-2017-2784). Successful exploitation can lead to full system takeover.
|