50 matches found
CVE-2023-40271
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function...
EUVD-2021-18898
Malware in sbrugna...
EUVD-2023-44867
Malicious code in bioql PyPI...
EUVD-2021-30532
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-40327
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Trusted Firmware-M TF-M 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key held by the Crypto service based solely on...
CVE-2025-53022
TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...
CVE-2025-53022
TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...
CVE-2023-51712
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function...
CVE-2021-32032
In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation in the event of a failure can prevent the abort operation in the associated cryptographic library from freeing internal resources, causing a memory leak...
CVE-2024-45746
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided and controlled mailbox messages contain a pointer to a list of input arguments invec and output arguments outvec. These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length...
Linaro Trusted Firmware-M 安全漏洞
Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Linaro Trusted Firmware-M version 2.1.0, which stems from not validating user-supplied pointers to invec and outvec...
CVE-2024-45746
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided and controlled mailbox messages contain a pointer to a list of input arguments invec and output arguments outvec. These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length...
PT-2024-31745 · Unknown · Trusted Firmware-M
Name of the Vulnerable Software and Affected Versions: Trusted Firmware-M versions through 2.1.0 Description: An issue was discovered where user-provided mailbox messages contain a pointer to a list of input arguments in vec and output arguments out vec that are never validated. Each argument lis...
CVE-2024-45746
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided and controlled mailbox messages contain a pointer to a list of input arguments invec and output arguments outvec. These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length...
CVE-2024-45746
Summary: CVE-2024-45746 affects Trusted Firmware-M up to version 2.1.0. The flaw lies in mailbox handling where user-provided in_vec/out_vec pointers are not validated, and the length of pending output arguments is updated after a PSA call regardless of the call result. This enables an attacker t...
CVE-2024-45746
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided and controlled mailbox messages contain a pointer to a list of input arguments invec and output arguments outvec. These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length...
CVE-2023-51712
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function...
CVE-2023-51712
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function...
CVE-2023-51712
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function...
Trusted Firmware-M 安全漏洞
Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Trusted Firmware-M version 2.0.0 and prior versions, which stems from a lack of parameter validation in the logging...