Vulnerabilities > ARM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-22808 | Out-of-bounds Read vulnerability in ARM products An issue was discovered in the Arm Android Gralloc Module. | 3.3 |
| 2023-04-11 | CVE-2022-46396 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ARM products An issue was discovered in the Arm Mali Kernel Driver. | 3.3 |
| 2023-04-06 | CVE-2023-26083 | Memory Leak vulnerability in ARM products Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. | 3.3 |
| 2023-04-06 | CVE-2022-46781 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 3.3 |
| 2023-03-15 | CVE-2023-26084 | Improper Initialization vulnerability in ARM Aarch64Cryptolib The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. | 3.7 |
| 2022-03-10 | CVE-2022-25368 | Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. | 1.9 |
| 2021-08-23 | CVE-2021-35465 | Unspecified vulnerability in ARM products Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. | 3.6 |
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 2.1 |
| 2020-06-08 | CVE-2020-13844 | Information Exposure Through Discrepancy vulnerability in multiple products Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." | 2.1 |
| 2018-12-05 | CVE-2018-19608 | Improper Privilege Management vulnerability in ARM Mbed TLS Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites. | 1.9 |