1016 items
Unread (2155) All Dismissed
HIGH
CVE-2017-9607 (CVSS 7) — The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbi...
NVD CVE-2017-9607 3181d ago
HIGH
CVE-2017-14032 (CVSS 8.1) — ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows re...
NVD CVE-2017-14032 3202d ago
HIGH
CVE-2017-2784 (CVSS 8.1) — An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ...
NVD CVE-2017-2784 3334d ago
HIGH
CVE-2016-9367 (CVSS 7.5) — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
NVD CVE-2016-9367 3400d ago
HIGH
CVE-2016-9365 (CVSS 8.8) — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
NVD CVE-2016-9365 3400d ago
HIGH
CVE-2016-9363 (CVSS 7.3) — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
NVD CVE-2016-9363 3400d ago
HIGH
CVE-2016-6129 (CVSS 7.5) — The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0,...
NVD CVE-2016-6129 3400d ago
HIGH
CVE-2016-10012 (CVSS 7.8) — The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before...
NVD CVE-2016-10012 3439d ago
HIGH
CVE-2016-10010 (CVSS 7) — sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain soc...
NVD CVE-2016-10010 3439d ago
HIGH
CVE-2016-10009 (CVSS 7.3) — Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote ...
NVD CVE-2016-10009 3439d ago
HIGH
CVE-2016-9158 (CVSS 7.5) — A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU ...
NVD CVE-2016-9158 3458d ago
HIGH
CVE-2016-8858 (CVSS 7.5) — The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers t...
NVD CVE-2016-8858 3466d ago
HIGH
CVE-2016-2183 (CVSS 7.5) — The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and...
NVD CVE-2016-2183 3565d ago
HIGH
CVE-2016-5645 (CVSS 7.3) — Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L3...
NVD CVE-2016-5645 3573d ago
HIGH
CVE-2015-8325 (CVSS 7.8) — The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature i...
NVD CVE-2015-8325 3688d ago
HIGH
CVE-2016-0778 (CVSS 8.1) — The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5....
NVD CVE-2016-0778 3796d ago
HIGH NVD Wed, 20 Sep 2017 16:29:00 UTC
CVE-2017-9607 (CVSS 7) — The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbi...
https://nvd.nist.gov/vuln/detail/CVE-2017-9607
TL;DR
The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.
CVE-2017-9607
Read full story ↗