The vulnerability of the execution environment for remote process calls in the Windows operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the execution environment for remote process execution in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Qualcomm QTEE Information Disclosure Vulnerability

Qualcomm QTEE is a key component of a Qualcomm processor from Qualcomm Incorporated. provides a trusted execution environment. An information disclosure vulnerability exists in Qualcomm QTEE that stems from improper use of memset...

The vulnerability of the execution environment for remote process calls in the Windows operating system allows attackers to exploit their privileges.

The vulnerability of the execution environment for remote process calls in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Preboot eXecution Environment (PXE) of the Cisco IOS XR operating system allows a hacker to execute arbitrary code.

The vulnerability of the Preboot eXecution Environment PXE of the Cisco IOS XR operating system is related to access control deficiencies. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2020-27484

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check for overflow...

CVE-2020-27484

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check for overflow...

CVE-2020-8705

Insecure default initialization of resource in IntelR Boot Guard in IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 3.1.80 and 4.0.30, IntelR SPS versions before E504.01.04.400, E304.01.04.200, SoC-X04.00.04.200...

CVE-2020-3284 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability

A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...

Cisco IOS XR -bit Preboot eXecution Environment Access Control Error Vulnerability

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. A security vulnerability exists in the Cisco IOS XR 64-bit Preboot eXecution Environment, which can be exploited by an attacker to bypass restrictions via the Cisco IOS XR 64-bit...

The vulnerability of Intel Trusted Execution Engine’s microprogramming software, related to insecure privilege management, allows attackers to escalate their privileges.

The vulnerability of Intel Trusted Execution Engine TXE microprogramming software is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2020-7958

An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user root in the Rich Execution Environment REE to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The issue is that the...

Design/Logic Flaw

An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user root in the Rich Execution Environment REE to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The issue is that the...

CVE-2020-7958

An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user root in the Rich Execution Environment REE to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The issue is that the...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-30770)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A buffer overflow vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to execute arbitrary TEE code...

CVE-2018-21063

An issue was discovered on Samsung mobile devices with M6.0, N7.x, and O8.x Exynos chipsets software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792 August 2018...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-40860)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a security vulnerability that can be exploited by attackers to execute arbitrary TEE code...

CVE-2019-20607

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ...

CVE-2020-10848

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos 9810 chipsets software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 February 2020...

CVE-2014-4859

Integer overflow in the Drive Execution Environment DXE phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data...

CVE-2014-4859

Integer overflow in the Drive Execution Environment DXE phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data...