Search Results | AttackerKB

Show filters

Topics 23 Users 9,710

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

23 Total Results

Displaying 11-20 of 23

Attacker Value

Unknown

CVE-2019-1010292

Disclosure Date: July 16, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can access. The component is: optee_os. The fixed version is: v3.4.0.

0

Attacker Value

Unknown

CVE-2019-1010297

Disclosure Date: July 15, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later.

0

Attacker Value

Unknown

CVE-2019-1010296

Disclosure Date: July 15, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.

0

Attacker Value

Unknown

CVE-2019-1010295

Disclosure Date: July 15, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later.

0

Attacker Value

Unknown

CVE-2019-1010293

Disclosure Date: July 15, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The fixed version is: 3.4.0 and later.

0

Attacker Value

Unknown

CVE-2019-1010298

Disclosure Date: July 15, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.

0

Attacker Value

Unknown

CVE-2019-1010294

Disclosure Date: July 15, 2019 (last updated November 27, 2024)

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later.

0

Attacker Value

Unknown

CVE-2018-12565

Disclosure Date: June 19, 2018 (last updated November 26, 2024)

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2018-12563

Disclosure Date: June 19, 2018 (last updated November 26, 2024)

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml.

0

Attacker Value

Unknown

CVE-2018-12564

Disclosure Date: June 19, 2018 (last updated November 26, 2024)

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml.

0