Arm Mbed TLS

58 matches found

added 2023/10/07 1:15 a.m. | 38 views

CVE-2023-45199

Mbed TLS 3.2.x through 3.4.x before 3.5 has a buffer overflow that can lead to remote code execution.

CVSS 9.8 | AI score 9.6 | EPSS 0.08551

added 2024/09/05 7:15 p.m. | 36 views

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This n...

CVSS 9.8 | AI score 7.5 | EPSS 0.00528

added 2025/07/04 3:15 p.m. | 13 views

CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.

CVSS 4.8 | AI score 6.8 | EPSS 0.00061

added 2025/07/20 7:15 p.m. | 12 views

CVE-2025-47917

Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. The documentation does not suggest that the functi...

CVSS 9.8 | AI score 6.8 | EPSS 0.0006

added 2025/07/20 6:15 p.m. | 12 views

CVE-2025-48965

Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.

CVSS 7.5 | AI score 6.6 | EPSS 0.00056

added 2025/07/04 3:15 p.m. | 10 views

CVE-2025-49600

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an attacker (who can in...

CVSS 4.9 | AI score 7 | EPSS 0.00009

added 2025/07/04 3:15 p.m. | 10 views

CVE-2025-49601

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-depende...

CVSS 6.5 | AI score 6.5 | EPSS 0.00053

added 2025/07/20 7:15 p.m. | 9 views

CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.

CVSS 4 | AI score 6.8 | EPSS 0.00035

Total number of security vulnerabilities: 58