Vulnerabilities > ARM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-12 | CVE-2020-16273 | Integer Underflow (Wrap or Wraparound) vulnerability in ARM Armv8-M Firmware In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. | 7.2 |
2020-09-02 | CVE-2020-16150 | Information Exposure Through Discrepancy vulnerability in multiple products A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. | 5.5 |
2020-06-18 | CVE-2020-12887 | Memory Leak vulnerability in ARM Mbed-Coap 5.1.5 Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. | 5.0 |
2020-06-18 | CVE-2020-12886 | Out-of-bounds Read vulnerability in ARM Mbed OS 5.15.3 A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. | 6.4 |
2020-06-18 | CVE-2020-12885 | Infinite Loop vulnerability in ARM Mbed OS 5.15.3 An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3. | 7.8 |
2020-06-18 | CVE-2020-12884 | Out-of-bounds Read vulnerability in ARM Mbed OS 5.15.3 A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. | 6.4 |
2020-06-18 | CVE-2020-12883 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ARM Mbed OS 5.15.3 Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. | 6.4 |
2020-06-08 | CVE-2020-13844 | Information Exposure Through Discrepancy vulnerability in multiple products Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." | 2.1 |
2020-04-15 | CVE-2020-10932 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. | 4.7 |
2020-03-24 | CVE-2020-10941 | Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. | 5.9 |