Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Azure_sphere
(Microsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 29 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-08-12 | CVE-2021-26429 | Azure Sphere Elevation of Privilege Vulnerability | Azure_sphere | 7.7 | ||
2021-08-12 | CVE-2021-26430 | Azure Sphere Denial of Service Vulnerability | Azure_sphere | 6.0 | ||
2021-09-15 | CVE-2021-36956 | Azure Sphere Information Disclosure Vulnerability | Azure_sphere | 4.4 | ||
2021-11-10 | CVE-2021-41374 | Azure Sphere Information Disclosure Vulnerability | Azure_sphere | 6.7 | ||
2021-11-10 | CVE-2021-41375 | Azure Sphere Information Disclosure Vulnerability | Azure_sphere | 4.4 | ||
2021-11-10 | CVE-2021-41376 | Azure Sphere Information Disclosure Vulnerability | Azure_sphere | 2.3 | ||
2021-11-10 | CVE-2021-42300 | Azure Sphere Tampering Vulnerability | Azure_sphere | 6.0 | ||
2022-08-09 | CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | Azure_sphere | 4.4 | ||
2020-12-22 | CVE-2020-35609 | A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | Azure_sphere | 5.5 | ||
2020-12-22 | CVE-2020-35608 | A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability. | Azure_sphere | 7.8 |