CVE-2020-10850

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 January 2020...

CVE-2023-43122

Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920 allow Information Disclosure in the Bootloader...

CVE-2022-37908

An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller...

CVE-2021-27430

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR...

Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2025-1342)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1342 advisory. A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the...

CVE-2019-16258

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...

Medium: grub2

Issue Overview: A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory...

Medium: grub2

Issue Overview: A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory...

K000158952: Intel UEFI vulnerability CVE-2025-35968

Security Advisory Description Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This resul...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992588)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992588 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from a memory corruption when loading invalid firmware in the bootloader...

CVE-2025-36744

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

CVE-2025-36744

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

CVE-2025-36744

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

EUVD-2025-203083

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

CVE-2025-36744

CVE-2025-36744 affects SolarEdge SE3680H hardware. The issue is an unauthenticated disclosure of sensitive information during the bootloader loop: as the device reinitializes and waits for boot instructions, the bootloader emits diagnostic output that can leak operating system information. This d...

CVE-2025-36744 SolarEdge SE3680H - Information Exposure during Bootloader Loop

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

CVE-2025-36744 SolarEdge SE3680H - Information Exposure during Bootloader Loop

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

OESA-2025-2795 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free...

PT-2025-50935

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...