Lucene search
+L

557 matches found

cnvd
cnvd
added 2019/07/16 12:0 a.m.6 views

Linaro OP-TEE Buffer Overflow Vulnerability

Linaro OP-TEE is an open source trusted execution environment from Linaro UK. A buffer overflow vulnerability exists in opteeos in Linaro OP-TEE 3.3.0 and earlier versions. The vulnerability stems from a networked system or product performing operations on memory without properly validating data...

10CVSS7.4AI score0.03848EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2019/07/15 12:0 a.m.11 views

PT-2019-11549

Name of the Vulnerable Software and Affected Versions: Linaro/OP-TEE versions prior to 3.4.0 Description: The issue is a buffer overflow in the optee os component, allowing execution of code in the TEE core kernel context. Recommendations: For versions prior to 3.4.0, update to version 3.4.0 or...

10CVSS8.4AI score0.02723EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2019/06/21 12:0 a.m.10 views

The vulnerability of the SMC-processor GLOBAL_CMD_ID_NEED_LOAD_APP in the TEE OS Trusted Core of the Huawei Mate 9 Pro mobile phone operating system allows a perpetrator to trigger a service failure, modify program algorithms (by changing the flags from TRUE/FALSE), or compromise critical data stored in physical memory.

The vulnerability of the SMC-processor GLOBALCMDIDNEEDLOADAPP in the TEE OS Trusted Core of the Huawei Mate 9 Pro mobile phone operating system is related to the lack of validation for input data. Exploiting this vulnerability can allow an attacker to cause service failures, modify program...

6.7CVSS5.5AI score
Exploits0
mskb
mskb
added 2019/06/11 7:0 a.m.128 views

June 11, 2019—KB4503290 (Security-only update)

None None...

9.3CVSS6.8AI score0.48043EPSS
Exploits12
mskb
mskb
added 2019/06/11 7:0 a.m.281 views

June 11, 2019—KB4503293 (OS Build 18362.175)

None None...

9.3CVSS6.8AI score0.48043EPSS
Exploits14
mskb
mskb
added 2019/06/11 7:0 a.m.84 views

June 11, 2019—KB4503285 (Monthly Rollup)

None None...

9.3CVSS6.8AI score0.48043EPSS
Exploits12
mskb
mskb
added 2019/05/19 12:0 a.m.8 views

May 19, 2019—KB4505056 (OS Build 17763.504)

None None...

6.1AI score
Exploits0
mskb
mskb
added 2019/05/14 7:0 a.m.101 views

May 14, 2019—KB4499151 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.26264EPSS
Exploits2
mskb
mskb
added 2019/04/09 7:0 a.m.81 views

April 9, 2019—KB4493467 (Security-only update)

None None...

9.3CVSS6.8AI score0.4523EPSS
Exploits42
mskb
mskb
added 2019/04/09 7:0 a.m.53 views

April 9, 2019—KB4493450 (Security-only update)

None None...

9.3CVSS6.8AI score0.4523EPSS
Exploits42
mskb
mskb
added 2019/03/12 7:0 a.m.110 views

March 12, 2019—KB4489881 (Monthly Rollup)

None None...

9.3CVSS6.8AI score0.34209EPSS
Exploits1
bdu_fstec
bdu_fstec
added 2018/12/25 12:0 a.m.5 views

The vulnerability of the Qualcomm QTEE keymaster component of the Android operating system allows a intruder to gain access to memory.

The vulnerability of the Qualcomm QTEE keymaster component of the Android operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to memory...

8.6CVSS7.2AI score0.00223EPSS
Exploits0References2
threatpost
threatpost
added 2018/10/02 4:47 p.m.41 views

Google Patches Critical Vulnerabilities in Android OS

Google patched six critical remote code execution flaws in its Android operating system as part of its October Android Security Bulletin. Four of those remote code execution flaws are tied to Android’s Media framework and impact a wide range of Android devices including Google’s Pixel and Nexus...

10CVSS0.2AI score0.05278EPSS
Exploits0References8
bdu_fstec
bdu_fstec
added 2018/07/19 12:0 a.m.4 views

The vulnerability of the API interface of the Qualcomm Trusted Execution Environment component in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the API interface of the Qualcomm Trusted Execution Environment component in the Android operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of...

10CVSS5.5AI score0.01252EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2018/07/19 12:0 a.m.6 views

The vulnerability of the Qualcomm Trusted Execution Environment component in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Qualcomm Trusted Execution Environment in the Android operating system is related to deficiencies in access control when using IPA Internet Protocol Accelerator. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and...

10CVSS7.8AI score0.01323EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2018/07/19 12:0 a.m.7 views

The vulnerability of the Qualcomm Trusted Execution Environment component in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Qualcomm Trusted Execution Environment in the Android operating system is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to bypass debug policy restrictions and compromise the confidentiality, integrity, and accessibility o...

10CVSS5.5AI score0.01262EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2018/07/05 12:0 a.m.8 views

The vulnerability of the Qualcomm Trusted Execution Environment component in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Qualcomm Trusted Execution Environment in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

10CVSS5.5AI score0.01252EPSS
Exploits0References4
cnvd
cnvd
added 2018/06/14 12:0 a.m.7 views

Google Android Qualcomm QTEECOM Driver Privilege Access Control Vulnerability

Android on Google Pixel and Nexus is an open source Linux-based operating system for Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA.Qualcomm QTEECOM driver The Qualcomm QTEECOM driver is one of the Secure Execution Environment Communicator drivers. A...

7CVSS7AI score0.00119EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2018/05/25 12:0 a.m.5 views

The vulnerability of the Qualcomm QTEE API in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Qualcomm QTEE API in the Android operating system is related to errors in handling array indexes. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS5.5AI score0.01252EPSS
Exploits0References5Affected Software1
bdu_fstec
bdu_fstec
added 2018/05/25 12:0 a.m.8 views

The vulnerability of the Qualcomm TZ App Handler component in the Android operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Qualcomm TZ App Handler component in the Android operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS5.5AI score0.01252EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder