1736 matches found
CVE-2026-0715
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...
CVE-2026-0715
CVE-2026-0715 affects Moxa Arm-based industrial computers running Moxa Industrial Linux Secure. A device-unique bootloader password provided on the device can enable an attacker with physical access to reach the bootloader menu via a serial interface. The bootloader still enforces digital signatu...
EUVD-2026-5532
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...
CVE-2026-0715
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...
CVE-2026-0715
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...
MOXA UC Series 安全漏洞
The MOXA UC Series is a series of computers produced by the company MOXA. The MOXA UC Series has a security vulnerability, which stems from the unique bootloader password of the device, which could be exploited by physical accessors, potentially leading to temporary denial-of-service attacks...
PT-2026-6599
Name of the Vulnerable Software and Affected Versions Moxa Arm-based industrial computers running Moxa Industrial Linux Secure affected versions not specified Description Moxa Arm-based industrial computers running Moxa Industrial Linux Secure utilize a device-unique bootloader password provided ...
[SECURITY] Fedora 43 Update: os-autoinst-5^20260123git72cabd0-1.fc43
The OS-autoinst project aims at providing a means to run fully automated tests. Especially to run tests of basic and low-level operating system components such as bootloader, kernel, installer and upgrade, which can not easily and safely be tested with other automated testing frameworks. However,...
EulerOS 2.0 SP13 : grub2 (EulerOS-SA-2026-1222)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string...
EulerOS 2.0 SP13 : grub2 (EulerOS-SA-2026-1210)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string...
CVE-2025-59104
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
CVE-2026-24796
CVE-2026-24796 is described as an Out-of-bounds Read vulnerability affecting CloverBootloader (CloverHackyColor) before 5162. The issue involves modules in MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma and is associated with regparse.C. The accessible documents do not provide explicit exp...
CVE-2026-24796 A Out-of-bounds Read vulnerability in CloverHackyColor/CloverBootloader
Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules. This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162...
CVE-2025-59104
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
CVE-2025-59104 Unlocked Bootloader in dormakaba access manager
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
CVE-2025-59104
The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...
CVE-2025-59104 Unlocked Bootloader in dormakaba access manager
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
CVE-2025-59104
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
Dormakaba Access Manager security vulnerabilities
Dormakaba Access Manager is a smart hardware controller developed by the American company Dormakaba. There is a security vulnerability in Dormakaba Access Manager, which stems from the ability to modify the bootloader’s command line interface physically. This vulnerability could potentially lead ...
PT-2026-4754
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...