SUSE CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

DEBIAN-CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

UBUNTU-CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

CVE-2025-45512

CVE-2025-45512 affects DENX Software Engineering Das U-Boot (bootloader) v1.1.3. The root cause is a lack of signature verification in the bootloader, enabling attackers to install crafted firmware and achieve arbitrary code execution. Impact is practical on devices using this U-Boot version, wit...

CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

GNU GRUB Resource Management Error Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. A resource management error vulnerability exists in GNU GRUB, which originates from a module uninstallation without clearing hooks, and can be exploited by an attacker to initiate a large number of requests, consuming system resource...

CVE-2025-31716

In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...

CVE-2025-31716

In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...

CVE-2025-31716

In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...

CVE-2025-31716

In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...

CVE-2025-31716

CVE-2025-31716 corresponds to a local out-of-bounds write in the bootloader caused by a missing bounds check, potentially leading to local denial of service. The vulnerability affects UNISOC bootloader implementations as described in multiple sources, with a CVSSv3.1 base score of 5.1 (Local acce...

PT-2025-31609 · Unknown · Bootloader

Name of the Vulnerable Software and Affected Versions: bootloader affected versions not specified Description: A possible out-of-bounds write issue exists due to an incomplete bounds check in the bootloader. This could result in a local denial of service without requiring additional execution...

CVE-2023-28904

A logic flaw leading to a RAM buffer overflow in the bootloader component of the MIB3 infotainment unit allows an attacker with physical access to the MIB3 ECU to bypass firmware signature verification and run arbitrary code in the infotainment system at boot process...

Volkswagen MIB3 Infotainment 安全漏洞

Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in Volkswagen MIB3 Infotainment, which originates from a RAM buffer overflow in the bootloader component, which could allow a physically accessible attacker to bypass...

Pixel Watch Security Bulletin—June 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Watch Security Bulletin contains details of security vulnerabilities affecting Pixel Watch devices Google Devices. For Google devices, security patch levels of 2025-06-05 or later address all issues in this bulletin and all issues in the June 2025 Android Security Bulletin and all issue...

OpenCCA: an Open Framework to Enable Arm CCA Research

Confidential computing has gained traction across major architectures with Intel TDX, AMD SEV-SNP, and Arm CCA. Unlike TDX and SEV-SNP, a key challenge in researching Arm CCA is the absence of hardware support, forcing researchers to develop ad-hoc performance prototypes on non-CCA Arm boards. Th...

CVE-2024-23594

A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code...