CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

NVD•added 2026/05/13 4:16 p.m.•3 views

CVE-2026-36742

Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected hidden/debug mode...

6.8CVSS0.00024EPSS

Exploits0References2

CNNVD•added 2026/03/02 12:0 a.m.•2 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets. These vulnerabilities stem from shared VM references that allow HLOS access to bootloaders and certificate chains, potentially leading to...

7.1CVSS5.8AI score0.00014EPSS

Exploits0References1

Cvelist•added 2026/02/05 5:1 p.m.•23 views

CVE-2026-0715

Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...

7CVSS0.0001EPSS

Exploits0References1

EUVD•added 2026/02/05 5:1 p.m.•2 views

EUVD-2026-5532

7CVSS5.8AI score0.0001EPSS

Exploits0References1

NVD•added 2026/01/26 10:16 a.m.•2 views

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

7CVSS0.00025EPSS

Exploits0References3

CVE•added 2026/01/26 10:5 a.m.•4 views

CVE-2025-59104

The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...

7CVSS5.8AI score0.00025EPSS

Exploits0References3

ATTACKERKB•added 2026/01/26 10:5 a.m.•1 views

CVE-2025-59104

7CVSS5.8AI score0.00025EPSS

Exploits0References4

CNNVD•added 2025/12/02 12:0 a.m.•1 views

Entrust nShield Connect XC 安全漏洞

Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker who could access the EOL legacy bootloader...

6.8CVSS6.4AI score0.00041EPSS

Exploits1References4

Vulnrichment•added 2025/12/02 12:0 a.m.•1 views

CVE-2025-59698

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...

6.7AI score0.00041EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-14670

Malware in sbrugna...

9.8CVSS9.4AI score0.00365EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-35641

Malicious code in bioql PyPI...

2.5CVSS6.5AI score0.00019EPSS

Exploits0References2

NVD•added 2025/09/06 5:15 p.m.•1 views

CVE-2023-31330

An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality...

2.5CVSS0.00019EPSS

Exploits0References2

Cvelist•added 2025/09/06 4:57 p.m.•5 views

CVE-2023-31330

An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality...

2.5CVSS0.00019EPSS

Exploits0References2

Packet Storm•added 2025/02/13 12:0 a.m.•585 views

Wattsense Bridge 6.x Remote Root / Information Disclosure

Wattsense Bridge suffers a multitude of security issues. The JTAG interface can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. A serial interface can be accessed with physical access to the PCB. After connecting to the...

9.8CVSS7.3AI score0.00339EPSS

Exploits1

Vulnrichment•added 2025/02/11 9:15 a.m.•17 views

CVE-2025-26409 Access to Bootloader and Shell Over Serial Interface

A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed...

6.5AI score0.00164EPSS

Exploits1References2

Positive Technologies•added 2025/02/11 12:0 a.m.•1 views

PT-2025-6173 · Wattsense · Wattsense Bridge

Name of the Vulnerable Software and Affected Versions: Wattsense Bridge devices versions prior to BSP 6.4.1 Description: A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well...

6.8CVSS7.4AI score0.00164EPSS

Exploits1References5

OSV•added 2021/08/03 3:15 p.m.•1 views

CVE-2021-27952

Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a threat actor to gain access to the password-protected bootloader environment through the serial console...

9.8CVSS7.3AI score

Exploits0References1

CNNVD•added 2021/08/03 12:0 a.m.•2 views

Ecobee Ecobee3 Lite 信任管理问题漏洞

Ecobee Ecobee3 Lite is a Wi-Fi smart thermostat from Ecobee Canada.Ecobee Ecobee3 Lite contains a security vulnerability that could be exploited by an attacker to access the password-protected bootloader environment via the serial console...

9.8CVSS5.6AI score0.00365EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by