CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

160 matches found

CNNVD•added 2025/12/18 12:0 a.m.•4 views

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from a memory corruption when loading invalid firmware in the bootloader...

7.8CVSS6.7AI score0.00076EPSS

Exploits0References1

ICS•added 2025/12/09 7:0 a.m.•6 views

Universal Boot Loader (U-Boot) (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7.6CVSS7.5AI score0.00239EPSS

Exploits0References11

RedhatCVE•added 2025/12/03 2:2 p.m.•4 views

CVE-2025-58476

Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory...

4.6CVSS6.4AI score0.00123EPSS

Exploits0References1

CVE•added 2025/12/02 1:24 a.m.•8 views

CVE-2025-58476

CVE-2025-58476 describes an out-of-bounds read in the bootloader before the SMR Dec-2025 Release 1, enabling physical attackers to access memory beyond bounds. Affected: Samsung mobile bootloader (prior to the referenced SMR). Root cause and exact vulnerable component are not detailed beyond “boo...

4.6CVSS6AI score0.00123EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/12/02 12:0 a.m.•5 views

PT-2025-48594

Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory...

4.2CVSS6.4AI score0.00123EPSS

Exploits0References2

EUVD•added 2025/11/18 6:20 p.m.•2 views

EUVD-2025-198079

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...

4.9CVSS6.5AI score0.00121EPSS

Exploits0References3

Debian CVE•added 2025/11/18 6:20 p.m.•4 views

CVE-2025-61661

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...

4.8CVSS5.2AI score0.00168EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2014-4253

Malware in sbrugna...

7.2CVSS7.6AI score0.00391EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2019-15275

Malware in sbrugna...

7.8CVSS7.6AI score0.0067EPSS

Exploits0References3