Vulnerabilities > ARM > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-27 CVE-2022-43702 Incorrect Default Permissions vulnerability in ARM products
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.
local
low complexity
arm CWE-276
7.8
7.8
2023-07-27 CVE-2022-43703 Uncontrolled Search Path Element vulnerability in ARM Development Studio and DS Development Studio
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.
local
low complexity
arm CWE-427
7.8
7.8
2023-06-29 CVE-2023-26085 Out-of-bounds Write vulnerability in ARM NN Android Neural Networks Driver
A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02.
local
low complexity
arm CWE-787
7.8
7.8
2023-03-08 CVE-2022-46394 Use After Free vulnerability in ARM products
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2023-03-06 CVE-2022-46395 Use After Free vulnerability in ARM products
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2023-01-17 CVE-2022-46891 Use After Free vulnerability in ARM products
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2023-01-16 CVE-2022-47630 Out-of-bounds Read vulnerability in ARM Trusted Firmware-A
Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates.
network
high complexity
arm CWE-125
7.4
7.4
2023-01-10 CVE-2022-48251 Information Exposure Through Discrepancy vulnerability in ARM products
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks.
network
low complexity
arm CWE-203
7.5
7.5
2022-12-12 CVE-2022-42716 Use After Free vulnerability in ARM Valhall GPU Kernel Driver
An issue was discovered in the Arm Mali GPU Kernel Driver.
network
low complexity
arm CWE-416
8.8
8.8
2022-11-23 CVE-2022-34830 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in ARM Utgard GPU Kernel Driver R11P0/R12P0
An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory.
network
high complexity
arm CWE-367
7.5
7.5