Vulnerabilities > ARM

DATE CVE VULNERABILITY TITLE RISK
2023-03-08 CVE-2022-46394 Use After Free vulnerability in ARM products
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2023-03-06 CVE-2022-46395 Use After Free vulnerability in ARM products
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2023-01-17 CVE-2021-36647 Use of a Broken or Risky Cryptographic Algorithm vulnerability in ARM Mbed TLS
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.
local
high complexity
arm CWE-327
4.7
4.7
2023-01-17 CVE-2022-46891 Use After Free vulnerability in ARM products
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2023-01-16 CVE-2022-47630 Out-of-bounds Read vulnerability in ARM Trusted Firmware-A
Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates.
network
high complexity
arm CWE-125
7.4
7.4
2023-01-10 CVE-2022-48251 Information Exposure Through Discrepancy vulnerability in ARM products
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks.
network
low complexity
arm CWE-203
7.5
7.5
2022-12-15 CVE-2022-46392 Information Exposure Through Discrepancy vulnerability in multiple products
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
network
high complexity
arm fedoraproject CWE-203
5.3
5.3
2022-12-15 CVE-2022-46393 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
network
low complexity
arm fedoraproject CWE-787
critical
 9.8
9.8
2022-12-12 CVE-2022-42716 Use After Free vulnerability in ARM Valhall GPU Kernel Driver
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2022-11-23 CVE-2022-34830 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in ARM Utgard GPU Kernel Driver R11P0/R12P0
An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory.
network
high complexity
arm CWE-367
7.5
7.5