Vulnerabilities > ARM

DATE CVE VULNERABILITY TITLE RISK
2020-12-24 CVE-2020-24658 Out-Of-Bounds Write vulnerability in ARM Compiler
Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays.
local
arm CWE-787
4.4
2020-11-12 CVE-2020-16273 Integer Underflow (Wrap OR Wraparound) vulnerability in ARM Armv8-M Firmware
In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors.
local
low complexity
arm CWE-191
7.2
2020-09-02 CVE-2020-16150 Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information.
local
low complexity
arm CWE-203
2.1
2020-06-18 CVE-2020-12887 Memory Leak vulnerability in ARM Mbed-Coap 5.1.5
Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5.
network
low complexity
arm CWE-401
5.0
2020-06-18 CVE-2020-12886 Out-Of-Bounds Read vulnerability in ARM Mbed OS 5.15.3
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3.
network
low complexity
arm CWE-125
6.4
2020-06-18 CVE-2020-12885 Infinite Loop vulnerability in ARM Mbed OS 5.15.3
An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3.
network
low complexity
arm CWE-835
7.8
2020-06-18 CVE-2020-12884 Out-Of-Bounds Read vulnerability in ARM Mbed OS 5.15.3
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3.
network
low complexity
arm CWE-125
6.4
2020-06-18 CVE-2020-12883 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in ARM Mbed OS 5.15.3
Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3.
network
low complexity
arm CWE-119
6.4
2020-06-08 CVE-2020-13844 Information Exposure vulnerability in ARM products
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
local
low complexity
arm CWE-200
2.1
2020-04-15 CVE-2020-10932 USE of A Broken OR Risky Cryptographic Algorithm vulnerability in ARM Mbed TLS
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15.
local
arm CWE-327
1.9