Lucene search
K

10466 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.7 views

CVE-2018-12012

While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...

7.8CVSS7.4AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:14 p.m.9 views

CVE-2018-9364

In the LG LAF component, there is a special command that allowed modification of certain partitions. This could lead to bypass of secure boot. User interaction is not needed for exploitation...

7.5CVSS9.2AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.10 views

CVE-2018-18558

An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that...

6.9CVSS7.5AI score0.0039EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:24 a.m.4 views

CVE-2021-31156

Allied Telesis AT-S115 1.2.0 devices before 1.00.024 with Boot Loader 1.00.006 allow Directory Traversal to achieve partial access to data...

7.5CVSS6.8AI score0.00954EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.7 views

CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

7.8CVSS7.3AI score0.01895EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.6 views

CVE-2022-33967

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service DoS condition or arbitrary code...

7.8CVSS7.6AI score0.00516EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:40 a.m.6 views

CVE-2022-35897

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally...

6.8CVSS8.5AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.5 views

CVE-2019-18216

The BIOS configuration design on ASUS ROG Zephyrus M GM501GS laptops with BIOS 313 relies on the main battery instead of using a CMOS battery, which reduces the value of a protection mechanism in which booting from a USB device is prohibited. Attackers who have physical laptop access can exhaust...

7.2CVSS6.8AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:16 a.m.4 views

CVE-2019-2267

Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networkin...

7.8CVSS7.2AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.9 views

CVE-2019-11690

genranduuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIGRANDOMUUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device...

5.9CVSS6.7AI score0.0119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.11 views

CVE-2019-11059

Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow...

9.8CVSS7AI score0.019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.6 views

CVE-2019-20578

An issue was discovered on Samsung mobile devices with P9.0 Exynos 9820 chipsets software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 August 2019...

9.8CVSS7.3AI score0.0044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.6 views

CVE-2020-24637

Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000...

9CVSS6.9AI score0.01551EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/01/09 9:31 a.m.8 views

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +3602 more potentially affected by CVE-2025-70974 via com.alibaba:fastjson (>=1.1.15 <=1.2.47)

com.alibaba:fastjson MAVEN version =1.1.15, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.3.0, =3.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2025-70974 Source advisory: OSV:GHSA-JM7W-5684-PVH8...

10CVSS7.8AI score0.0069EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.7 views

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.7AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.9 views

CVE-2023-45626

An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles...

7.2CVSS7.3AI score0.00942EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.4 views

CVE-2022-38773

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary cod...

6.8CVSS6.8AI score0.00293EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.8 views

CVE-2022-37904

Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system...

8.8CVSS7.8AI score0.00691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.6 views

CVE-2022-37905

Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system...

8.8CVSS7.8AI score0.00747EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.5 views

CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS6.8AI score0.0016EPSS
Exploits0References1
Rows per page
Query Builder