421 matches found
CVE-2025-29949
CVE-2025-29949 is an AMD ASP Boot Loader issue limited to legacy recovery mode. The connected documents confirm insufficient input parameter sanitization in the ASP Boot Loader, which could allow an out-of-bounds write that corrupts Secure DRAM and may cause a denial of service. Affected software...
CVE-2025-29949
Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...
CVE-2025-29949
Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...
CVE-2025-29949
Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...
PT-2026-7462
Name of the Vulnerable Software and Affected Versions AMD Secure Processor ASP Boot Loader affected versions not specified Description A flaw exists in the AMD Secure Processor ASP Boot Loader, specifically within its legacy recovery mode. This issue involves inadequate sanitization of input...
PT-2026-7464
Name of the Vulnerable Software and Affected Versions AMD Secure Processor ASP Boot Loader affected versions not specified Description A flaw exists in the AMD Secure Processor ASP Boot Loader where insufficient parameter sanitization could allow an attacker with access to SPIROM upgrade to...
CVE-2026-21265
Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes...
CVE-2021-31156
Allied Telesis AT-S115 1.2.0 devices before 1.00.024 with Boot Loader 1.00.006 allow Directory Traversal to achieve partial access to data...
CVE-2019-2267
Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networkin...
CVE-2021-27097
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...
CVE-2021-27138
The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992708)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992708 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never...
PT-2025-53148
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ext4 quota handling. Specifically, a bug in the es tree search function can occur due to a bad quota inode. This issue arises when the inode...
CVE-2025-47382
Memory corruption while loading an invalid firmware in boot loader...
CVE-2025-47382
Memory corruption while loading an invalid firmware in boot loader...
CVE-2025-47382
CVE-2025-47382 affects Qualcomm embedded platform firmware bootloader, where memory corruption occurs when loading invalid firmware. The root cause is an authorization mechanism deficiency within the boot process, leading to memory corruption. The CVE details indicate a local attack vector with l...
CVE-2025-47382 Incorrect Authorization in Boot
Memory corruption while loading an invalid firmware in boot loader...
CVE-2025-47382 Incorrect Authorization in Boot
Memory corruption while loading an invalid firmware in boot loader...
EUVD-2025-204024
Memory corruption while loading an invalid firmware in boot loader...
Linux Distros Unpatched Vulnerability : CVE-2025-24857
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322,...