421 matches found
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
UBUNTU-CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
CVE-2024-38807 describes a signature forgery vulnerability in VMware Spring Boot/loader components where signature verification of nested JARs can be bypassed, enabling content signed by one signer to appear signed by another. The NVD summary matches this description. Connected advisories identif...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
PT-2024-11054 · Amd · Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics +22
Name of the Vulnerable Software and Affected Versions: Insufficient information is provided to determine the specific software and versions affected. Description: The issue is related to insufficient input validation in the ABL, which may allow a privileged attacker with access to the BIOS menu o...
The vulnerability of the U-Boot network media player Chromecast’s downloader allows a hacker to bypass the secure download mechanism.
The vulnerability of the U-Boot network media player Chromecast relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to bypass the secure download mechanism...
grub2 security update
An update is available for grub2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a...
OESA-2024-1714 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder.CVE-2021-46848...
OESA-2024-1700 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder.CVE-2021-46848...
Moderate: Red Hat Security Advisory: grub2 security update
An update for grub2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
kernel: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
A flaw was identified in the ext4 filesystem implementation in the Linux kernel where a malformed or improperly initialized boot loader inode could trigger a BUGON condition inside the estreesearch function. This occurs when the inode’s mode imode is an unexpected type and the code does not...
ALSA-2024:3184 Moderate: grub2 security update
The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...
CVE-2024-32741
A vulnerability has been identified in SIMATIC CN 4100 All versions V3.0. The affected device contains hard coded password which is used for the privileged system user root and for the boot loader GRUB by default . An attacker who manages to crack the password hash gains root access to the device...
kernel: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4IGETBAD flag to prevent unexpected bad inode There are many places that will get unhappy and crash when ext4iget returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, becaus...
kernel: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
A flaw was identified in the ext4 filesystem implementation in the Linux kernel where a malformed or improperly initialized boot loader inode could trigger a BUGON condition inside the estreesearch function. This occurs when the inode’s mode imode is an unexpected type and the code does not...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Moderate: Red Hat Security Advisory: grub2 security update
An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: shim bug fix update
An update for shim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...