Skip to main content

Trusted Firmware A

3 CVEs product

Monthly

CVE-2023-31339 MEDIUM This Month

Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Amd Trusted Firmware A
NVD VulDB
CVSS 3.1
4.8
EPSS
0.1%
CVE-2022-47630 HIGH PATCH This Week

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Information Disclosure Trusted Firmware A
NVD VulDB
CVSS 3.1
7.4
EPSS
0.6%
CVE-2018-19440 MEDIUM POC PATCH This Month

ARM Trusted Firmware-A allows information disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trusted Firmware A
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
EPSS 0% CVSS 4.8
MEDIUM This Month

Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Amd Trusted Firmware A
NVD VulDB
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Information Disclosure Trusted Firmware A
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

ARM Trusted Firmware-A allows information disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trusted Firmware A
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy