1768 matches found
CVE-2017-5626
CVE-2017-5626 affects OnePlus OnePlus 3/3T with OxygenOS before 4.0.2. The vulnerability hinges on two hidden fastboot oem commands (4F500301 and 4F500302) that bypass the bootloader lock, ignore OEM Unlocking, and do not require user confirmation or data erasure. Exploitation was demonstrated by...
CVE-2017-5626
OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands 4F500301 and 4F500302 that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset. This allows for persistent code...
Google Pixel Qualcomm Bootloader Information Disclosure Vulnerability (CNVD-2017-03822)
Android on Pixel and Pixel XL is a Linux-based open source operating system for the Pixel and Pixel XL smartphones developed by Google and the Open Handset Alliance OHA in the U.S. The Qualcomm bootloader is a U.S.-developed bootloader used in the Pixel and Pixel XL. Qualcomm bootloader is a...
UBUNTU-CVE-2017-0455
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
CVE-2017-0455
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
Information disclosure
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
CVE-2017-0455
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
CVE-2017-0455
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
CVE-2017-0455
CVE-2017-0455 is an information-disclosure vulnerability in the Qualcomm bootloader that could allow a local malicious app to execute arbitrary code within the bootloader context on affected Android devices (Kernel 3.18). CNVD/OSV entries tie it to Google Pixel devices (Pixel/Pixel XL); Nessus no...
CVE-2017-0455
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
Huawei Honor 5A Bootloader Buffer Overflow Vulnerability
The Huawei Honor 5A Smart Phone is a smartphone from the Chinese company Huawei Huawei. A buffer overflow vulnerability exists in the Huawei Honor 5A Bootloader, as the program fails to adequately detect the parameter, an attacker can trick the user into installing a malicious application to...
Get a locked OnePlus 3/3T: boot loader vulnerability-vulnerability warning-the black bar safety net
In this article, I disclosed the OnePlus 3/3T boot loader in the two holes. The first CVE-2017-5626 is the impact of OxygenOS 3.2-4.0.1(4.0.2 to patch high-risk vulnerabilities. The vulnerability allows a physical opponent or use ADB/ FASTBOOT access to bypass the bootloader lock state, even if t...
OnePlus 3/3T Bypassing the Bootloader’s Lock (CVE-2017-5626)
Bypassing the Bootloader’s Lock CVE-2017-5626 OnePlus 3 & 3T running OxygenOS 3.2 - 4.0.1 had two proprietary fastboot oem commands: 1. fastboot oem 4F500301 – bypasses the bootloader’s lock – allowing one with fastboot access to effectively unlock the device, disregarding OEM Unlocking, without...
Exploit the vulnerability to unlock the hammer T1/2 phone in bootloader-vulnerability warning-the black bar safety net
Author: Pangu lab About the bootloader lock Smartisan is a mobile phone is one of the few attracted to industrial design and user experience. Luo cross-border too much, but also inevitably lead to its initial idea and the reality gap. the bootloader really locked or not locked, or even had been a...
ALPINE-CVE-2016-9380
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file...
ALPINE-CVE-2016-9379
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...
CVE-2016-9379
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...
CVE-2016-9380
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file...
DEBIAN-CVE-2016-9380
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file...
CVE-2016-9380
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file...