CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

6.1CVSS6.8AI score0.00032EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 6:12 p.m.•4 views

CVE-2021-1043

In TBD of TBD, there is a possible downgrade attack due to under utilized anti-rollback protections. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

5.5CVSS6.2AI score0.00017EPSS

Exploits0References1

NVD•added 2024/03/25 3:15 p.m.•14 views

CVE-2024-28183

6.1CVSS6.1AI score0.00032EPSS

Exploits2References8

Cvelist•added 2024/03/25 2:31 p.m.•20 views

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

6.1CVSS6.3AI score0.00032EPSS

Exploits2References8

CVE•added 2024/03/25 2:31 p.m.•62 views

CVE-2024-28183

CVE-2024-28183 describes a TOCTOU vulnerability in the ESP-IDF bootloader of Espressif SoCs. An attacker with physical access to device flash can bypass anti-rollback protection by altering flash contents after anti-rollback checks but before loading the application, enabling boot of partitions w...

6.1CVSS6.1AI score0.00032EPSS

Exploits2References8Affected Software1

Vulnrichment•added 2024/03/25 2:31 p.m.•13 views

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

6.1CVSS6.8AI score0.00032EPSS

Exploits2References8

OSV•added 2024/03/25 2:31 p.m.•16 views

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

6.1CVSS5.9AI score0.00032EPSS

Exploits2References10

CNNVD•added 2024/03/25 12:0 a.m.•3 views

ESP-IDF 安全漏洞

ESP-IDF is an open source development framework for Espressif SoCs supported on Windows, Linux and macOS by Espressif Systems. ESP-IDF has a security vulnerability that stems from the presence of a TOCTOU vulnerability. The vulnerability allows an attacker with physical access to the device's fla...

6.1CVSS5.9AI score0.00032EPSS

Exploits2References9

Positive Technologies•added 2024/03/25 12:0 a.m.•5 views

PT-2024-4251

Name of the Vulnerable Software and Affected Versions ESP-IDF versions prior to 4.4.7 ESP-IDF versions prior to 5.2.1 Description A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader, which could allow an attacker with physical access ...

6.1CVSS6.1AI score0.00032EPSS

Exploits2References19

SUSE CVE•added 2023/02/15 3:50 a.m.•1 views

SUSE CVE-2021-1043

5.5CVSS5.6AI score0.00017EPSS

Exploits0References3

NVD•added 2021/12/15 7:15 p.m.•8 views

CVE-2021-1043

5.5CVSS0.00017EPSS

Exploits0References1

Prion•added 2021/12/15 7:15 p.m.•10 views

Information disclosure

2.1CVSS5.2AI score0.00017EPSS

Exploits0References1

Cvelist•added 2021/12/15 6:5 p.m.•15 views

CVE-2021-1043

5.4AI score0.00017EPSS

Exploits0References1

CVE•added 2021/12/15 6:5 p.m.•58 views

CVE-2021-1043

CVE-2021-1043 affects Google Pixel devices (Pixel/Titan-M) as documented in the Pixel Update Bulletin. The issue is described as a downgrade attack due to under-utilized anti-rollback protections, enabling local information disclosure without additional execution privileges. Affected component: T...

5.5CVSS5.1AI score0.00017EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by