CVE-2022-20826

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance ASA Software or Cisco Firepower Threat Defense FTD Software could allow an unauthenticated attacker with physical access to the device to bypass the secure bo...

CVE-2022-28793

Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time...

CVE-2025-37960

In the Linux kernel, the following vulnerability has been resolved: memblock: Accept allocated memory before use in memblockdoublearray When increasing the array size in memblockdoublearray and the slab is not yet available, a call to memblockfindinrange is used to reserve/allocate memory. Howeve...

Alibaba Cloud Linux 3 : 0026: grub2 (ALINUX3-SA-2021:0026)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0026 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-14865: A flaw was found in the...

CVE-2025-20181

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

PT-2025-20256 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches affected versions not specified Description: A vulnerability in the software could allow an authenticated, local attacker with high privilege levels or an...

CVE-2025-2762

CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...

GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-08311)

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GRUB. The vulnerability stems from the fs/hfs module containing an integer overflow issue that results in heap-based out-of-bounds writes. An attacker can exploit this vulnerability to execut...

CVE-2025-0813

CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permission rights has physical access to the EPAS-UI computer and is able to reboot the workstation and interrupt the normal boot process...

CVE-2025-20177

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

CVE-2025-20143

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...

CVE-2025-20177 Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

CVE-2025-20177

The CVE-2025-20177 issue affects Cisco IOS XR Software during boot. Affected component: boot verification process; root-privileged, authenticated local attacker can bypass image signature verification and load unverified software by manipulating system configuration options, potentially altering ...

PT-2025-11103 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the boot process could allow an authenticated, local attacker to bypass image signature verification and load unverified software on an affected device. The...

A dive into the Rockchip Bootloader

TL;DR Rockchip has a structured sequence of bootloaders. Using various plugs can allow access to the MCU’s RAM and storage. There are many utilities to allow reading of information from the MCU. Use this guide to access and reverse engineer bootloaders. Introduction Rockchip are a Chinese company...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the arm64 topology initialization not setting smtmask correctly before notifying the CPU to boot, which coul...

CVE-2025-1204

The CVE-2025-1204 entry concerns the Contec Health CMS8000 Patient Monitor. A firmware update binary attempts to mount to a hard-coded routable IP address, bypassing device network settings. The exploit triggers when the C button is pressed at a specific moment during boot, enabling an attacker t...

SUSE SLES15 Security Update : grub2 (SUSE-SU-2025:0587-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0587-1 advisory. - CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 - CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 ...

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

VulnCheck KEV: CVE-2024-41710

Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary commands within the...