Vulnerabilities > ARM > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-05 | CVE-2024-45159 | Improper Certificate Validation vulnerability in ARM Mbed TLS An issue was discovered in Mbed TLS 3.x before 3.6.1. | 9.8 |
| 2023-10-07 | CVE-2023-45199 | Classic Buffer Overflow vulnerability in ARM Mbed TLS 3.2.0/3.3.0 Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. | 9.8 |
| 2022-12-15 | CVE-2022-46393 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. | 9.8 |
| 2022-07-15 | CVE-2022-35409 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. | 9.1 |
| 2022-05-19 | CVE-2022-28349 | Use After Free vulnerability in ARM products Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. | 9.8 |
| 2022-05-19 | CVE-2022-28350 | Use After Free vulnerability in ARM Valhall GPU Kernel Driver R29P0/R34P0/R35P0 Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach a use-after-free situation. | 9.8 |
| 2022-05-19 | CVE-2022-28348 | Use After Free vulnerability in ARM products Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation. | 9.8 |
| 2022-05-03 | CVE-2021-27431 | Unspecified vulnerability in ARM Cmsis-Rtos ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc (local malloc equivalent) function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution. | 9.8 |
| 2022-05-03 | CVE-2021-27433 | Integer Overflow or Wraparound vulnerability in ARM Mbed Ualloc 1.3.0 ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | 9.8 |
| 2022-05-03 | CVE-2021-27435 | Unspecified vulnerability in ARM Mbed 6.3.0 ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | 9.8 |