VYPR

Vendor CVEs

Arm

All CVEs

182 total · sorted by risk
  • CVE-2024-28960 · High · Mar 29, 2024
    risk 0.46 · cvss 8.2 · epss 0.01

    An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.

  • CVE-2021-36133 · High · Dec 7, 2021
    risk 0.46 · cvss 7.1 · epss 0.00

    The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral.

  • CVE-2017-9607 · High · Sep 20, 2017
    risk 0.46 · cvss 7.0 · epss 0.01

    The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image,…

  • CVE-2020-13799 · Medium · Nov 18, 2020
    risk 0.44 · cvss 6.8 · epss 0.00

    Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards…

  • CVE-2018-3639 · Medium · May 22, 2018
    risk 0.44 · cvss 5.5 · epss 0.61

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…

  • CVE-2026-25835 · High · Apr 1, 2026
    risk 0.43 · cvss 7.7 · epss 0.00

    Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).

  • CVE-2026-34876 · High · Apr 2, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtls_ccm_finish() in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by…

  • CVE-2026-34874 · High · Apr 1, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0.

  • CVE-2026-25833 · High · Apr 1, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    Mbed TLS 3.5.0 to 3.6.5 (fixed in 3.6.6 and 4.1.0) has a buffer overflow in the x509_inet_pton_ipv6() function.

  • CVE-2024-0151 · Medium · Apr 24, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4, allows an attacker…

  • CVE-2024-28755 · Medium · Apr 3, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset() API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing…

  • CVE-2024-23775 · High · Jan 31, 2024
    risk 0.42 · cvss 7.5 · epss 0.01

    Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().

  • CVE-2022-47549 · Medium · Dec 19, 2022
    risk 0.42 · cvss 6.4 · epss 0.00

    An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault…

  • CVE-2021-27562 · Medium · KEV · May 25, 2021
    risk 0.42 · cvss 5.5 · epss 0.03

    In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.

  • CVE-2026-42627 · Medium · May 22, 2026
    risk 0.40 · cvss 6.2 · epss 0.00

    In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements() in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying…

  • CVE-2018-0497 · Medium · Jul 28, 2018
    risk 0.39 · cvss 5.9 · epss 0.03

    ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384…

  • CVE-2021-40327 · Medium · Jan 13, 2022
    risk 0.38 · cvss 5.9 · epss 0.01

    Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization check associated with the relationship between a…

  • CVE-2016-10319 · Medium · Apr 6, 2017
    risk 0.38 · cvss 5.9 · epss 0.02

    In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other…

  • CVE-2026-34871 · Medium · Apr 1, 2026
    risk 0.37 · cvss 6.7 · epss 0.00

    An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).

  • CVE-2026-25834 · Medium · Apr 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.

  • CVE-2025-27810 · Medium · Mar 25, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

  • CVE-2024-28836 · Medium · Apr 3, 2024
    risk 0.35 · cvss 5.4 · epss 0.00

    An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a…

  • CVE-2018-19440 · Medium · Jan 30, 2019
    risk 0.35 · cvss 5.3 · epss 0.01

    ARM Trusted Firmware-A allows information disclosure.

  • CVE-2022-46392 · Medium · Dec 15, 2022
    risk 0.34 · cvss 5.3 · epss 0.01

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim…

  • CVE-2025-66442 · Medium · Apr 1, 2026
    risk 0.33 · cvss 5.1 · epss 0.00

    In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.

  • CVE-2024-45157 · Medium · Sep 5, 2024
    risk 0.33 · cvss 5.1 · epss 0.00

    An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when…

  • CVE-2025-49600 · Medium · Jul 4, 2025
    risk 0.32 · cvss 4.9 · epss 0.00

    In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an…

  • CVE-2018-12437 · Medium · Jun 15, 2018
    risk 0.32 · cvss 4.9 · epss 0.01

    LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical…

  • CVE-2025-49601 · Medium · Jul 4, 2025
    risk 0.31 · cvss 4.8 · epss 0.00

    In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key…

  • CVE-2023-51712 · Medium · Sep 5, 2024
    risk 0.31 · cvss 4.7 · epss 0.00

    An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.

  • CVE-2023-31339 · Medium · Aug 13, 2024
    risk 0.31 · cvss 4.8 · epss 0.00

    Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™ MPSoC/RFSoC may allow a privileged attacker to perform out-of-bounds reads, potentially resulting in data leakage and denial of service.

  • CVE-2021-36647 · Medium · Jan 17, 2023
    risk 0.31 · cvss 4.7 · epss 0.00

    Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in bignum.c in Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted…

  • CVE-2020-10932 · Medium · Apr 15, 2020
    risk 0.31 · cvss 4.7 · epss 0.00

    An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by…

  • CVE-2018-19608 · Medium · Dec 5, 2018
    risk 0.31 · cvss 4.7 · epss 0.00

    Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.

  • CVE-2018-0498 · Medium · Jul 28, 2018
    risk 0.31 · cvss 4.7 · epss 0.00

    ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.

  • CVE-2026-45702 · Medium · Jun 3, 2026
    risk 0.29 · cvss 4.4 · epss 0.00

    OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when…

  • CVE-2024-23170 · Medium · Jan 31, 2024
    risk 0.29 · cvss 5.5 · epss 0.00

    An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages…

  • CVE-2025-27809 · Medium · Mar 25, 2025
    risk 0.28 · cvss 5.4 · epss 0.00

    Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

  • CVE-2019-16910 · Medium · Sep 26, 2019
    risk 0.28 · cvss 5.3 · epss 0.02

    Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times.…

  • CVE-2025-49087 · Medium · Jul 20, 2025
    risk 0.26 · cvss 4.0 · epss 0.00

    In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.

  • CVE-2026-0995 · Low · Mar 2, 2026
    risk 0.23 · cvss 3.6 · epss 0.00

    An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME.

  • CVE-2023-49100 · Medium · Feb 21, 2024
    risk 0.22 · cvss 4.4 · epss 0.00

    Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be…

  • CVE-2025-14547 · Low · Feb 20, 2026
    risk 0.15 · cvss · epss 0.00

    An integer underflow vulnerability is present in Silicon Labs' implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.

  • CVE-2022-38181 · KEV · Oct 25, 2022
    risk 0.14 · cvss · epss 0.13

    The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

  • CVE-2019-11001 · KEV · Apr 8, 2019
    risk 0.14 · cvss · epss 0.38

    On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.

  • CVE-2023-4211 · KEV · Oct 1, 2023
    risk 0.12 · cvss · epss 0.01

    A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

  • CVE-2023-26083 · KEV · Apr 6, 2023
    risk 0.12 · cvss · epss 0.01

    Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from…

  • CVE-2022-22706 · KEV · Mar 3, 2022
    risk 0.12 · cvss · epss 0.01

    Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

  • CVE-2021-29256 · KEV · May 24, 2021
    risk 0.12 · cvss · epss 0.03

    The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0…

  • CVE-2021-28664 · KEV · May 10, 2021
    risk 0.12 · cvss · epss 0.05

    The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0,…