Integer overflow

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

Buffer overflow

An issue was discovered on Samsung mobile devices with P9.0 devices Qualcomm chipsets software. There is a buffer overflow in the bootloader. The Samsung ID is SVE-2019-15399 November 2019...

CVE-2019-20594

Affected software/hardware: Samsung mobile devices with O(8.1) and P(9.0) on Exynos chipsets. Vulnerability: a heap overflow in the bootloader. Root cause: heap overflow in bootloader code (unspecified module) leading to potential impact on device integrity. Impact: Partial to high in CVSS terms ...

CVE-2019-20594

An issue was discovered on Samsung mobile devices with O8.1 and P9.0 Exynos chipsets software. A heap overflow exists in the bootloader. The Samsung ID is SVE-2019-14371 July 2019...

CVE-2019-20567

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. A upparm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 September 2019...

CVE-2019-20567

The CVE-2019-20567 issue affects Samsung mobile devices running N(7.x), O(8.x), and P(9.0) on Exynos chipsets. The root cause is a heap overflow in up_parm, which leads to code execution in the bootloader. Documented impact is high/severe (bootloader code execution possible). Exploitation details...

CVE-2019-20561

CVE-2019-20561 refers to a vulnerability in Samsung mobile devices with N(7.x), O(8.x), and P(9.0) Exynos chipsets where the bootloader contains an integer signedness error (Samsung ID SVE-2019-15230). Public documents across NVD and Red Hat cite the same issue; no product-specific exploit detail...

CVE-2019-20561

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

CVE-2020-10850

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 January 2020...

CVE-2020-10850

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 January 2020...

Buffer overflow

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 January 2020...

CVE-2019-20548

CVE-2019-20548 affects Samsung mobile devices with P(9.0) software on Qualcomm chipsets. The root cause is a buffer overflow in the bootloader , enabling potential arbitrary execution on affected devices. The vulnerability has a high to critical impact profile (NVD CVSS v3.1: 9.8, network attack ...

CVE-2020-10850

The CVE-2020-10850 entry describes a buffer overflow in the secure bootloader USB path on Samsung mobile devices with Exynos SoCs (Android O[8.x], P[9.0], Q[10.0]), enabling arbitrary code execution. The issue is tied to the secure bootloader’s handling of USB buffers (root cause: buffer overflow...

Linux: Read GRUB config files (KB)

The GRUB Grand Unified Bootloader is a bootloader available from the GNU project. A bootloader is very important as it is impossible to start an operating system without it. It is the first program which starts when the program is switched on. The bootloader transfers the control to the operating...

homee Brain Cube Access Control Error Vulnerability

Homee Brain Cube is a smart home central control unit from Homee Germany. An access control error vulnerability exists in the bootloader in Homee Brain Cube V2 2.23.0 and earlier versions, which can be exploited by an attacker to gain root privileges by manipulating the U-Boot environment via the...

CVE-2019-16258

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...

Hardcoded credentials

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...

CVE-2019-16258

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...

CVE-2019-16258

The CVE-2019-16258 issue affects the homee Brain Cube V2 bootloader up to version 2.23.0. Affected component: bootloader/U-Boot environment accessible via internal UART. Root access can be gained by attackers with physical access who manipulate the U-Boot environment through the CLI after connect...

DEBIAN-CVE-2020-10648

Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration...