CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsumountallreply...

9.8CVSS7.6AI score0.00559EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with an unvalidated length at nfsreadlinkreply, located in the “if” block, after calculating the new path length...

9.8CVSS7AI score0.00491EPSS

CNNVD•added 2026/05/11 12:0 a.m.•6 views

Barebox 输入验证错误漏洞

Barebox is a versatile and flexible bootloader developed by Barebox Open Source. Versions of barebox prior to 2026.04.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows and unvalidated boundaries within the EFI PE loader, which could...

8.6CVSS6.1AI score0.00019EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в grub2

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader improperly handles string conversions when reading information from a USB device, allowing an attacker to exploit inconsistencies in the length values. A local attacker can...

4.8CVSS5.6AI score0.00027EPSS

RedhatCVE•added 2026/03/26 5:0 p.m.•2 views

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

NVD•added 2026/03/25 4:16 p.m.•2 views

CVE-2026-20104

6.1CVSS0.00054EPSS

Cvelist•added 2026/03/25 4:5 p.m.•20 views

CVE-2026-20104

6.1CVSS0.00054EPSS

CVE•added 2026/03/25 4:5 p.m.•39 views

CVE-2026-20104

Cisco IOS XE bootloader vulnerability (CVE-2026-20104) affects Catalyst 9200 series, ESS9300 Embedded, IE9310/IE9320 Rugged, and IE3500/IE3505 Rugged switches. Root cause: insufficient validation of boot-time software, allowing manipulation of loaded binaries to bypass boot-time integrity checks ...

Cisco•added 2026/03/25 4:0 p.m.•19 views

Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-27792

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches Cisco Catalyst ESS9300 Embedded Series Switches Cisco Catalyst IE9310 and IE9320 Rugged Series Switches Cisco IE3500 and IE3505 Rugged Series Switches Description A flaw exists in t...

RedHat Linux•added 2026/03/18 9:18 a.m.•4 views

Exploits0References4

grub2: Missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.00017EPSS

Exploits0References5

OSV•added 2026/01/14 4:15 p.m.•1 views

CVE-2025-67399

An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller Wi-Fi and BLE module on the device is open to access...

4.6CVSS5.8AI score0.00028EPSS

NVD•added 2026/01/14 4:15 p.m.•0 views

CVE-2025-67399

4.6CVSS0.00028EPSS

CNNVD•added 2026/01/14 12:0 a.m.•2 views

AIRTH SMART HOME AQI MONITOR Bootloader 安全漏洞

The AIRTH SMART HOME AQI MONITOR Bootloader is the underlying software for an air quality detector from AIRTH India. A security vulnerability exists in AIRTH SMART HOME AQI MONITOR Bootloader version 1.005, which originates from physical proximity Attackers can access the BK7231N controller throu...

4.6CVSS6.2AI score0.00028EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 10:6 a.m.•3 views

CVE-2019-20561

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

9.8CVSS7.2AI score0.00147EPSS

RedhatCVE•added 2026/01/09 9:31 a.m.•6 views

CVE-2023-43122

Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920 allow Information Disclosure in the Bootloader...

4.8CVSS6.9AI score0.00041EPSS

RedhatCVE•added 2026/01/07 9:30 a.m.•5 views

CVE-2019-16258

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...

7.2CVSS6.9AI score0.00119EPSS

CNNVD•added 2025/12/18 12:0 a.m.•2 views

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from a memory corruption when loading invalid firmware in the bootloader...

7.8CVSS6.7AI score0.00015EPSS