CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

CVE-2025-65396

Affected product: Blurams Flare Camera (versions 24.1114.151.929 and earlier). Vulnerability cause: In the boot process, a read error from the SPI flash memory is induced by shorting a data pin to ground, allowing a physically proximate attacker to hijack the boot mechanism and gain a bootloader ...

EUVD-2017-12323

Malware in sbrugna...

EUVD-2020-29208

Malware in sbrugna...

EUVD-2021-13152

Malware in sbrugna...

EUVD-2021-13123

Malware in sbrugna...

EUVD-2019-15723

Malware in sbrugna...

EUVD-2017-14780

Malware in sbrugna...

EUVD-2022-45350

Malicious code in bioql PyPI...

EUVD-2023-35428

Malicious code in bioql PyPI...

EUVD-2024-37325

Malicious code in bioql PyPI...

EUVD-2022-45360

Malicious code in bioql PyPI...

EUVD-2023-38416

Malicious code in bioql PyPI...

EUVD-2024-31376

Malicious code in bioql PyPI...

EUVD-2023-32145

Malicious code in bioql PyPI...

EUVD-2023-57336

Malicious code in bioql PyPI...

EUVD-2024-27270

Malicious code in bioql PyPI...

CVE-2025-25735

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers PRRs, allowing attackers with software running on the system to modify SPI flash in real-time...

CVE-2025-51643

Meitrack T366G-L GPS Tracker devices contain an SPI flash chip Winbond 25Q64JVSIQ that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of...

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...