CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2021-12396

Malware in sbrugna...

7.2CVSS5AI score0.001EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-33232

Malicious code in bioql PyPI...

4.4CVSS5AI score0.00209EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:20 a.m.•4 views

CVE-2024-32899

In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

7CVSS6.8AI score0.00078EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:26 p.m.•5 views

CVE-2021-25500

A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise...

7.2CVSS6.8AI score0.001EPSS

Exploits0References1

Prion•added 2022/05/03 8:15 p.m.•18 views

Design/Logic Flaw

Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time...

2.1CVSS4.8AI score0.00209EPSS

Exploits0References1

Cvelist•added 2022/05/03 7:44 p.m.•14 views

CVE-2022-28793

4.4CVSS5.1AI score0.00209EPSS

Exploits0References1

CVE•added 2022/05/03 7:44 p.m.•73 views

CVE-2022-28793

The CVE-2022-28793 entry describes a vulnerability in Samsung Galaxy S22 StrongBox where improper state maintenance allows an attacker who compromises the TEE to alter the Android ROT during boot. Affected component: StrongBox state maintenance logic. Impact: potential change of Android ROT at bo...

4.4CVSS4.8AI score0.00209EPSS

Exploits0References1Affected Software1

Prion•added 2021/11/05 3:15 a.m.•16 views

Input validation

A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise...

2.1CVSS4.8AI score0.001EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/11/05 2:3 a.m.•14 views

CVE-2021-25500

A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise...

7.2CVSS7.1AI score0.001EPSS

Exploits0References1

CVE•added 2021/11/05 2:3 a.m.•54 views

CVE-2021-25500

CVE-2021-25500 describes a missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 that allows attackers to overwrite TZASC , potentially causing a TEE compromise on Samsung mobile devices. The vulnerability affects versions prior to that release. The underlying issue is a lack of i...

7.2CVSS4.7AI score0.001EPSS

Exploits0References1Affected Software1

Prion•added 2021/10/06 6:15 p.m.•13 views

Input validation

An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE...

3.6CVSS7.7AI score0.00118EPSS

Exploits0References1Affected Software1

Prion•added 2019/02/11 3:29 p.m.•26 views

Code injection

Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon...

7.2CVSS7.4AI score0.0023EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by