Export limit exceeded: 356031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 356031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 356031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 356031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-1010298 | 1 Trustedfirmware | 1 Op-tee | 2026-06-05 | N/A |
| Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. | ||||
| CVE-2026-45702 | 2 Op-tee, Trustedfirmware | 2 Op-tee Os, Op-tee | 2026-06-05 | 4.4 Medium |
| OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFA_MEM_SHARE request from the normal world. This only applies when OP-TEE is configured as an SPMC for S-EL0 SPs, that is, with `CFG_CORE_SEL1_SPMC=y` and `CFG_SECURE_PARTITION=y`. Version 4.11.0 fixes the issue. | ||||
| CVE-2018-12437 | 2 Libtom, Trustedfirmware | 2 Libtomcrypt, Op-tee | 2026-06-05 | 4.9 Medium |
| LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | ||||
| CVE-2019-1010292 | 1 Trustedfirmware | 1 Op-tee | 2026-06-05 | N/A |
| Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can access. The component is: optee_os. The fixed version is: v3.4.0. | ||||
| CVE-2019-25052 | 1 Trustedfirmware | 1 Op-tee | 2026-06-05 | 9.1 Critical |
| In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information. | ||||
| CVE-2020-13799 | 2 Trustedfirmware, Westerndigital | 7 Op-tee, Inand Cl Em132, Inand Cl Em132 Firmware and 4 more | 2026-06-05 | 6.8 Medium |
| Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards bodies and is implemented by storage devices from multiple vendors to assist host systems in securing trusted firmware. Several scenarios have been identified in which the RPMB state may be affected by an attacker without the knowledge of the trusted component that uses the RPMB feature. | ||||
| CVE-2021-36133 | 2 Nxp, Trustedfirmware | 7 I.mx6sx, I.mx 6, I.mx 6solox and 4 more | 2026-06-05 | 7.1 High |
| The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral. | ||||
| CVE-2021-44149 | 2 Nxp, Trustedfirmware | 2 I.mx 6ultralite, Op-tee | 2026-06-05 | 7.8 High |
| An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a v cycle. | ||||
| CVE-2022-47549 | 1 Trustedfirmware | 1 Op-tee | 2026-06-05 | 6.4 Medium |
| An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections. | ||||
| CVE-2026-10894 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2026-06-05 | 8.3 High |
| Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-11423 | 2026-06-05 | N/A | ||
| A path traversal vulnerability exists in the Altium Enterprise Server Collaboration Service due to improper handling of user-supplied filenames in the MCAD and Simulation file download flows. A regular authenticated user can submit a collaboration message containing a crafted filename, which is later used to construct the download path on the server without validation, allowing arbitrary files to be read from the server filesystem. Because the readable files include the server's master configuration, which stores credentials for privileged accounts, exploitation can lead to authenticating as a system administrator and gaining full control of the server. Altium 365 cloud deployments are not affected. | ||||
| CVE-2020-25900 | 2026-06-05 | 5.3 Medium | ||
| HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed into a database on the client of other users. (The client side was changed in 2019 to encrypt that database.) | ||||
| CVE-2026-25657 | 2026-06-05 | N/A | ||
| Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops. | ||||
| CVE-2026-10910 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-05 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-10911 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-05 | 8.3 High |
| Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-25658 | 2026-06-05 | N/A | ||
| Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops. | ||||
| CVE-2026-10913 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-06-05 | 8.8 High |
| Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-25659 | 2026-06-05 | N/A | ||
| Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops. | ||||
| CVE-2026-10914 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-06-05 | 8.8 High |
| Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-10915 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-05 | 8.3 High |
| Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||