Vulnerabilities > ARM > Cortex A

DATE CVE VULNERABILITY TITLE RISK
2018-07-10 CVE-2018-3693 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. 4.7
2018-05-22 CVE-2018-3640 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.
local
intel arm CWE-203
4.7
2018-05-22 CVE-2018-3639 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
2.1
2018-03-27 CVE-2018-9056 Information Exposure vulnerability in Intel products
Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.
local
intel arm CWE-200
4.7
2018-01-04 CVE-2017-5754 Information Exposure vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
local
intel arm CWE-200
4.7
2018-01-04 CVE-2017-5715 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
1.9