3605 matches found
PT-2019-2446 · Cisco · Cisco Secure Boot +1
Name of the Vulnerable Software and Affected Versions: Cisco products that support hardware-based Secure Boot functionality affected versions not specified Description: A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review th...
EfiGuard - Disable PatchGuard And DSE At Boot Time
EfiGuard is a portable x64 UEFI bootkit that patches the Windows boot manager, boot loader and kernel at boot time in order to disable PatchGuard and Driver Signature Enforcement DSE. Features Currently supports all EFI-compatible versions of Windows x64 ever released, from Vista SP1 to Server...
Buffer Overflow Vulnerability in Multiple IBM Products
The IBM Power System S922, among others, is a Power processor-based server device from IBM in the United States. A buffer overflow vulnerability exists in the boot loader in several IBM products. An attacker could exploit this vulnerability to overwrite the bootloader's instruction memory, bypass...
CVE-2018-1992
The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker wer...
CVE-2018-1992
The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker wer...
Buffer overflow
The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker wer...
CVE-2018-20785
Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...
CVE-2018-20785
Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...
Design/Logic Flaw
Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...
CVE-2018-20785
Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...
CVE-2018-20785
CVE-2018-20785 affects Neato Botvac Connected 2.2.0. The AM335x secure boot can be bypassed by issuing certain commands to the USB serial port during startup, allowing execution of an unsigned QNX IFS image via a boot menu (XMODEM). A power cycle does not fully reset the chip, leaving memory cont...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0002)
The remote OracleVM system is missing necessary patches to address critical security updates : - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug:...
CVE-2019-7308
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks...
System x Secure Boot Vulnerability - US
Lenovo Security Advisory: LEN-20241 Potential Impact: Booting unauthenticated code Severity: High Scope of Impact: Lenovo-only CVE Identifier: CVE-2017-3775 Summary Description: Lenovo internal testing discovered some System x server BIOS/UEFI versions that, when Secure Boot mode is enabled by a...
System x Secure Boot Vulnerability - Lenovo Support US
No description provided...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4316)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4316 advisory. - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack...
Ubuntu: Security Advisory (USN-3832-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3835-1: Linux kernel vulnerabilities
Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...
CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response
CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...