69 matches found
EUVD-2026-36506
NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot AVB vbmeta image parser in NanaZip via the upstream 7-Zip AvbHandler. An unsigned integer underflow in a...
CVE-2022-38773
Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary cod...
EUVD-2017-16394
Malware in sbrugna...
EUVD-2017-2715
Malware in sbrugna...
EUVD-2017-2675
Malware in sbrugna...
EUVD-2019-11920
Malware in sbrugna...
EUVD-2021-22171
Malware in sbrugna...
EUVD-2019-2296
Malware in sbrugna...
EUVD-2014-9601
Malware in sbrugna...
EUVD-2014-1003
Malware in sbrugna...
EUVD-2021-31653
Malicious code in bioql PyPI...
EUVD-2025-18362
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-3850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 2013 devices allows attackers to gain...
CVE-2019-2278
User keystore signature is ignored in boot and can lead to bypass boot image signature verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660...
CVE-2019-10492
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439...
Cisco IOS XR 安全漏洞
Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR that stems from incomplete file validation during boot validation, which could allow a local attacker to bypass image signature verification...
CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
Nuvoton NPCM7xx Security Vulnerability
Nuvoton NPCM7xx is a server remote management control chip from Nuvoton China. A security vulnerability exists in Nuvoton NPCM7xx Poleg BootBlock versions prior to v10.10.19, which originates from bypassing authentication via a major weakness, and can be exploited to modify the u-boot image heade...
CVE-2023-28002
An improper validation of integrity check value vulnerability CWE-354 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesyst...