Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 07 May 2026 05:38:00 +0000 65a0432f-485a-414f-b17b-9f76ca606b67 https://db.gcve.eu/sighting/65a0432f-485a-414f-b17b-9f76ca606b67/export {"uuid": "65a0432f-485a-414f-b17b-9f76ca606b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-Q84W-P2G5-RXW9", "type": "seen", "source": "https://t.me/arpsyndicate/624", "content": "#ExploitObserverAlert\n\nGHSA-q84w-p2g5-rxw9\n\nDESCRIPTION: Exploit Observer has 3 entries related to GHSA-Q84W-P2G5-RXW9. The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) lacks a bounds check on the signature size field in the SK_LOAD module loading routine, present in mask ROM. A module with a sufficiently large signature field causes a stack overflow, affecting secure kernel data pages. This can be leveraged to obtain arbitrary code execution in secure supervisor context by overwriting a SHA256 function pointer in the secure kernel data area when loading a forged, unsigned SK_LOAD module encrypted with the CEK (obtainable through CVE-2022-25332). This constitutes a full break of the TEE security architecture.\n\nGHSS: 8.2", "creation_timestamp": "2023-11-28T00:57:29.000000Z"} {"uuid": "65a0432f-485a-414f-b17b-9f76ca606b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-Q84W-P2G5-RXW9", "type": "seen", "source": "https://t.me/arpsyndicate/624", "content": "#ExploitObserverAlert\n\nGHSA-q84w-p2g5-rxw9\n\nDESCRIPTION: Exploit Observer has 3 entries related to GHSA-Q84W-P2G5-RXW9. The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) lacks a bounds check on the signature size field in the SK_LOAD module loading routine, present in mask ROM. A module with a sufficiently large signature field causes a stack overflow, affecting secure kernel data pages. This can be leveraged to obtain arbitrary code execution in secure supervisor context by overwriting a SHA256 function pointer in the secure kernel data area when loading a forged, unsigned SK_LOAD module encrypted with the CEK (obtainable through CVE-2022-25332). This constitutes a full break of the TEE security architecture.\n\nGHSS: 8.2", "creation_timestamp": "2023-11-28T00:57:29.000000Z"} https://db.gcve.eu/sighting/65a0432f-485a-414f-b17b-9f76ca606b67/export Tue, 28 Nov 2023 00:57:29 +0000