Lucene search
K

34 matches found

CVE
CVE
added 2026/07/06 7:31 p.m.14 views

CVE-2026-42546

OP-TEE (Trusted Execution Environment for Arm TrustZone) prior to version 4.11.0 contains a resource leak in the shared memory cleanup path. Specifically, cleanup_shm_refs() in core/tee/entry_std.c fails to apply the OPTEE_MSG_ATTR_TYPE_MASK to parameter attributes when processing non-contiguous ...

3.8CVSS6AI score0.00105EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.6 views

PT-2026-55975

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.3.0 through 4.10.x Description A resource leak exists in the shared memory cleanup logic of OP-TEE, a Trusted Execution Environment designed for Arm Cortex-A cores using TrustZone technology. The function cleanup shm refs in...

3.8CVSS6.1AI score0.00105EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/01/13 4:27 p.m.3 views

CVE-2025-25176 GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...

6.5AI score0.00309EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/10/11 12:0 a.m.6 views

Modern IOS Security Features -- a Deep Dive into SPTM, TXM, and Exclaves

The XNU kernel is the basis of Apple's operating systems. Although labeled as a hybrid kernel, it is found to generally operate in a monolithic manner by defining a single privileged trust zone in which all system functionality resides. This has security implications, as a kernel compromise has...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-6506

Malware in sbrugna...

7.5CVSS7.6AI score0.01886EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-8234

Malware in sbrugna...

7.8CVSS7.6AI score0.00341EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-3299

Malware in sbrugna...

7.7CVSS7.7AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3963

Malware in sbrugna...

5.5CVSS5.5AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-25844

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00125EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-36133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure Wor...

7.1CVSS7.2AI score0.0026EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.11 views

CVE-2023-48405

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS7.1AI score0.00109EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 p.m.31 views

CVE-2020-16273

In Arm software implementing the Armv8-M processors all versions, the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the sta...

7.8CVSS6.7AI score0.00341EPSS
Exploits0
NVD
NVD
added 2023/12/08 4:15 p.m.22 views

CVE-2023-48405

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS0.00109EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/08 3:41 p.m.19 views

CVE-2023-48405

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.9AI score0.00109EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/08 12:0 a.m.6 views

PT-2023-30825 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by a logic error in the code, allowing the secure world to write to NS memory. This could lead to local escalation of privilege, wit...

6.7CVSS6.5AI score0.00109EPSS
Exploits0References7
OSV
OSV
added 2023/12/01 12:0 a.m.11 views

PUB-A-293298397

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS7AI score0.00109EPSS
Exploits0References1
Prion
Prion
added 2022/12/16 4:15 p.m.20 views

Input validation

In pagenumber of sharedmem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.3CVSS7.8AI score0.00125EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/16 12:0 a.m.31 views

CVE-2022-20584

In pagenumber of sharedmem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

8.1AI score0.00125EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/16 12:0 a.m.4 views

CVE-2022-20584

In pagenumber of sharedmem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.9AI score0.00125EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.3 views

PT-2022-14790 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the page number of shared mem.c, which could lead to code execution in the secure world. This may result in local escalation of privilege without requiring...

7.8CVSS7.7AI score0.00125EPSS
Exploits0References4
Rows per page
Query Builder