Vulnerabilities > ARM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 5.5 |
| 2021-06-09 | CVE-2021-26314 | Information Exposure Through Discrepancy vulnerability in multiple products Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. | 5.5 |
| 2021-05-25 | CVE-2021-27562 | Out-of-bounds Write vulnerability in ARM Trusted Firmware M In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. | 5.5 |
| 2021-05-24 | CVE-2021-29256 | Use After Free vulnerability in ARM Bifrost, Midgard and Valhall . | 8.8 |
| 2021-05-10 | CVE-2021-28663 | Use After Free vulnerability in ARM products The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. | 8.8 |
| 2021-05-10 | CVE-2021-28664 | Out-of-bounds Write vulnerability in ARM products The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. | 8.8 |
| 2020-12-24 | CVE-2020-24658 | Allocation of Resources Without Limits or Throttling vulnerability in ARM Compiler Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. | 7.8 |
| 2020-11-12 | CVE-2020-16273 | Integer Underflow (Wrap or Wraparound) vulnerability in ARM Armv8-M Firmware In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. | 7.8 |
| 2020-09-02 | CVE-2020-16150 | Information Exposure Through Discrepancy vulnerability in multiple products A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. | 5.5 |
| 2020-06-18 | CVE-2020-12887 | Memory Leak vulnerability in ARM Mbed-Coap 5.1.5 Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. | 7.5 |