Vulnerabilities > ARM > Mbed TLS > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-05 CVE-2024-45159 Improper Certificate Validation vulnerability in ARM Mbed TLS
An issue was discovered in Mbed TLS 3.x before 3.6.1.
network
low complexity
arm CWE-295
critical
 9.8
9.8
2023-10-07 CVE-2023-45199 Classic Buffer Overflow vulnerability in ARM Mbed TLS 3.2.0/3.3.0
Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.
network
low complexity
arm CWE-120
critical
 9.8
9.8
2022-12-15 CVE-2022-46393 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
network
low complexity
arm fedoraproject CWE-787
critical
 9.8
9.8
2022-07-15 CVE-2022-35409 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0.
network
low complexity
arm debian CWE-125
critical
 9.1
9.1
2021-12-20 CVE-2021-44732 Double Free vulnerability in multiple products
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.
network
low complexity
arm debian CWE-415
critical
 9.8
9.8