Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016502 advisory. Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.6 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS6.7AI score0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/11/23 5:7 p.m.2 views

CVE-2025-48507

The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...

8.6CVSS5.5AI score0.0016EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11131

Malware in sbrugna...

5.3CVSS5.3AI score0.01432EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-50390

Malicious code in bioql PyPI...

7.4CVSS7.4AI score0.00629EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:45 p.m.10 views

CVE-2022-47630

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of getext and authnvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state...

7.4CVSS6.3AI score0.00629EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/19 6:25 p.m.4 views

Malicious code in trusted-firmware-a (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a6dc31ad91aec1f31822d8aced35d9645371c5e0194f3a4b7627a6753955769 The OpenSSF Package Analysis project identified 'trusted-firmware-a' @ 100.11.1337 npm as malicious. It is considered malicious because: - The...

7.2AI score
Exploits0
OSV
OSV
added 2025/03/29 6:24 a.m.4 views

OESA-2025-1344 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...

5.1CVSS6.8AI score0.00191EPSS
Exploits0References2
OSV
OSV
added 2025/03/29 6:24 a.m.5 views

OESA-2025-1343 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...

5.1CVSS6.8AI score0.00191EPSS
Exploits0References2
OSV
OSV
added 2025/03/29 6:24 a.m.5 views

OESA-2025-1342 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...

5.1CVSS6.8AI score0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-49100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enou...

4.4CVSS5.2AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2024/05/21 3:15 p.m.2 views

UBUNTU-CVE-2021-47229

In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not yet completed which is indicated by value 1 in PIOSTART causes an...

5.5CVSS5.9AI score0.00226EPSS
Exploits0References9
OSV
OSV
added 2024/03/08 11:7 a.m.6 views

OESA-2024-1264 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input...

4.4CVSS7AI score0.00224EPSS
Exploits0References2
NVD
NVD
added 2024/02/21 4:15 p.m.20 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS6.4AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2024/02/21 4:15 p.m.6 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS6.6AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/21 4:15 p.m.8 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
Prion
Prion
added 2024/02/21 4:15 p.m.12 views

Out-of-bounds

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

7.2AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2024/02/21 4:15 p.m.4 views

UBUNTU-CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References3
CVE
CVE
added 2024/02/21 12:0 a.m.6092 views

CVE-2023-49100

TF-A before 2.10 has CVE-2023-49100: a read-out-of-bounds in the SDEI service due to insufficient validation of the x1 parameter in sdei_interrupt_bind, passing to plat_ic_get_interrupt_type and bypassing plat_ic_is_sgi checks. A compromised Normal World (Linux) can issue arbitrary SMC calls, con...

4.4CVSS6.5AI score0.00224EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.5 views

PT-2024-13674 · Unknown +1 · Arm Trusted Firmware +1

Name of the Vulnerable Software and Affected Versions: Trusted Firmware-A TF-A versions prior to 2.10 Description: The issue is related to a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei interrupt bind...

4.4CVSS4.9AI score0.00224EPSS
Exploits0References16
Rows per page
Query Builder