CVE-2023-21473

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

CVE-2023-21472

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

CVE-2023-21472

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

CVE-2023-21472

CVE-2023-21472 concerns the Exynos Fastboot USB Interface on Samsung Mobile devices prior to SMR Apr-2023 Release 1. The flaw is an improper input validation in the USB bootloader interface, enabling a physical attacker with access to the device to execute arbitrary code in the bootloader. The af...

PT-2025-35665

Name of the Vulnerable Software and Affected Versions: Exynos Fastboot USB Interface versions prior to SMR Apr-2023 Release 1 Description: The Exynos Fastboot USB Interface contains an improper input validation flaw. This allows a physical attacker to execute arbitrary code in the bootloader...

PT-2025-35666

Name of the Vulnerable Software and Affected Versions: Exynos Fastboot USB Interface versions prior to SMR Apr-2023 Release 1 Description: The Exynos Fastboot USB Interface is susceptible to improper input validation. This allows a physical attacker to execute arbitrary code in the bootloader...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Apr-2023 Release 1, which stems from improper input validation and cou...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Apr-2023 Release 1, which stems from improper input validation and cou...

PUB-A-418774137

In drawsurfaceimage of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for...

Linux Distros Unpatched Vulnerability : CVE-2020-14311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of...

Linux Distros Unpatched Vulnerability : CVE-2019-14192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflo...

Linux Distros Unpatched Vulnerability : CVE-2018-1000205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack...

Linux Distros Unpatched Vulnerability : CVE-2017-3225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's u...

Linux Distros Unpatched Vulnerability : CVE-2025-45512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files,...

GNU GRUB Null Pointer Dereference Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a null pointer dereference vulnerability that stems from not properly setting ERRNO when an HFS+grub mount fails, which can lead to null pointer access. An attacker can exploit this vulnerability to perform...

Linux Distros Unpatched Vulnerability : CVE-2025-4382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto- decryption. When GRUB is set to automatically decrypt disks...

Linux Distros Unpatched Vulnerability : CVE-2024-56737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. CVE-2024-56737 Note that Nessus relie...

CVE-2025-27846

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected...

CVE-2025-27846

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected...

ESPEC North America Web Controller 3 安全漏洞

ESPEC North America Web Controller 3 is a laboratory equipment monitoring software from ESPEC North America. A security vulnerability exists in ESPEC North America Web Controller versions prior to 3 3.3.8 that stems from an unprotected GRUB and BIOS, where physical access could result in elevated...