Security Vulnerabilities
Memory corruption while passing pages to DSP with an unaligned starting address.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Memory corruption when accessing resources in kernel driver.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-01-07
Memory corruption occurs when a secure application is launched on a device with insufficient memory.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
The Uniffle HTTP client is configured to trust all SSL certificates and
disables hostname verification by default. This insecure configuration
exposes all REST API communication between the Uniffle CLI/client and the
Uniffle Coordinator service to potential Man-in-the-Middle (MITM) attacks.
This issue affects all versions from before 0.10.0.
Users are recommended to upgrade to version 0.10.0, which fixes the issue.
CVSS Score
9.1
EPSS Score
0.001
Published
2026-01-07
Cryptographic issue may occur while encrypting license data.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-01-07
Memory corruption while processing a secure logging command in the trusted application.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Memory corruption while processing identity credential operations in the trusted application.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Memory Corruption when multiple threads concurrently access and modify shared resources.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07