Vulnerabilities in ARM
15 resultsCVE-2017-2784HIGHAn exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2EPSS 3.4%CVE-2021-27435HIGHARM mbed Integer Overflow or WraparoundEPSS 1.6%CVE-2021-27433HIGHARM mbed-ualloc memory library Integer Overflow or WraparoundEPSS 1.6%CVE-2021-27431HIGHARM CMSIS RTOS2 Integer Overflow or WraparoundEPSS 1.0%CVE-2025-10263CRITICALArm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-EPSS 0.7%CVE-2024-5660CRITICALUse of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-AEPSS 0.5%CVE-2024-11864HIGHSCP-Firmware VulnerabilityEPSS 0.5%CVE-2024-0151MEDIUMInsufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiledEPSS 0.4%CVE-2024-11863MEDIUMSCP-Firmware VulnerabilityEPSS 0.4%CVE-2024-9413HIGHThe transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing EPSS 0.4%CVE-2024-7881MEDIUMAn unprivileged context can trigger a data
memory-dependent prefetch engine to fetch the contents of a privileged location
and consume thoseEPSS 0.2%CVE-2024-10929MEDIUMSpectre-BSEEPSS 0.2%CVE-2025-7427MEDIUMUncontrolled Search Path Element in Arm Development Studio before 2025EPSS 0.2%CVE-2025-0647HIGHIn certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to thEPSS 0.2%CVE-2026-0995LOWAn issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completiEPSS 0.1%