Lucene search
K

158 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:12 p.m.13 views

CVE-2020-11242

User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile...

8.4CVSS7.2AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:39 p.m.8 views

CVE-2024-22004

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application...

10CVSS6.9AI score0.00238EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.7 views

nvmet-auth: assign dh_key to NULL after kfree_sensitive

...

7.8CVSS7AI score0.00254EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.18 views

The vulnerability of the SMEM partition in Qualcomm’s security microprogramming software allows attackers to disclose protected information.

The vulnerability of the SMEM microprogramming software for Qualcomm processors lies in reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

8.4CVSS5.4AI score0.00104EPSS
Exploits0References4Affected Software1
Microsoft CVE
Microsoft CVE
added 2024/12/07 8:0 a.m.4 views

Golang-fips: golang fips zeroed buffer

...

6.5CVSS6.8AI score0.00298EPSS
Exploits0
OSV
OSV
added 2024/11/18 6:33 p.m.9 views

CLSA-2024-1731933167 kernel: Fix of 36 CVEs

smb: client: fix use-after-free in smb2queryinfocompound CVE-2023-52751 - smb: client: prevent new fids from being removed by laundromat CVE-2023-52751 - cifs: fix dentry lookups in directory handle cache CVE-2023-52751 - uprobe: avoid out-of-bounds memory access of fetching args CVE-2024-50067 -...

9.1CVSS7AI score0.01367EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

hw: arm64/sme: Always exit sme_alloc() early with existing storage

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit smealloc early with existing storage When smealloc is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state. Fi...

5.5CVSS6.8AI score0.00239EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/10/02 12:26 a.m.6 views

kernel: hw:amd: Incomplete system memory cleanup in SEV firmware corrupt guest private memory

A flaw was found in hw in the SNP-SEV firmware. This flaw could allow a privileged attacker to corrupt a guest's private memory, potentially resulting in the loss of data integrity of the guest...

4.4CVSS7.1AI score0.00199EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.6 views

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP suffers from a security vulnerability that stems from an improper restriction on write operations causing a malicious hypervisor to overwrite the...

6CVSS6AI score0.00443EPSS
Exploits1References2
OSV
OSV
added 2024/05/17 3:15 p.m.3 views

DEBIAN-CVE-2023-52684

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed...

5.5CVSS5.4AI score0.00202EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.3 views

PT-2024-14692 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to memory leaks in error paths in the Linux kernel, specifically in the qseecom firmware component. The problem occurs when error codes are returned directly inste...

5.5CVSS6.4AI score0.00202EPSS
Exploits0References9
NVD
NVD
added 2024/04/05 6:15 p.m.10 views

CVE-2024-22004

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application...

10CVSS9.4AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2024/04/05 6:15 p.m.5 views

CVE-2024-22004

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application...

7.7CVSS5.8AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2024/04/05 6:3 p.m.76 views

CVE-2024-22004

The CVE-2024-22004 entry affects Google Nest Wifi and a Linux Nonsecure OS. Root cause: an unchecked length issue in the Trusted Application path allows a privileged attacker to trigger a vulnerability. The described effect is leakage of secure memory from the Trusted Application, with a related ...

10CVSS9.4AI score0.00238EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/05 12:0 a.m.5 views

Google Nest 缓冲区错误漏洞

Google Nest is a smart home product by Google, an American company. A security vulnerability exists in Google Nest. An attacker exploited the vulnerability to leak the secure memory of a trusted application...

10CVSS6.5AI score0.00238EPSS
Exploits0References2
OSV
OSV
added 2024/03/11 6:15 p.m.1 views

DEBIAN-CVE-2024-26618

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit smealloc early with existing storage When smealloc is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state. Fi...

5.5CVSS5.7AI score0.00239EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 9:15 p.m.25 views

CVE-2023-4020

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory...

9.1CVSS0.00569EPSS
Exploits0References2
Prion
Prion
added 2023/12/15 9:15 p.m.19 views

Design/Logic Flaw

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory...

6.4CVSS7.1AI score0.00569EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/15 8:37 p.m.26 views

CVE-2023-4020 Unvalidated input in Silicon Labs PSA Attestation service leads to secure memory access from non-secure memory

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory...

9CVSS9.4AI score0.00569EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.6 views

Silicon Labs TrustZone Input Validation Error Vulnerability

Silicon Labs TrustZone is a security software technology from Silicon Labs, Inc. Silicon Labs TrustZone suffers from an input validation error vulnerability that arises from a library function that does not perform user input validation, which could allow an attacker to read from a non-secure...

9.1CVSS6.7AI score0.00569EPSS
Exploits0References4
Rows per page
Query Builder