Lucene search
K

3605 matches found

Positive Technologies
Positive Technologies
added 2019/05/13 12:0 a.m.3 views

PT-2019-2446 · Cisco · Cisco Secure Boot +1

Name of the Vulnerable Software and Affected Versions: Cisco products that support hardware-based Secure Boot functionality affected versions not specified Description: A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot...

7.2CVSS6.3AI score0.00611EPSS
Exploits0References8
CISA
CISA
added 2019/05/13 12:0 a.m.7 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review th...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2019/04/18 10:34 p.m.941 views

EfiGuard - Disable PatchGuard And DSE At Boot Time

EfiGuard is a portable x64 UEFI bootkit that patches the Windows boot manager, boot loader and kernel at boot time in order to disable PatchGuard and Driver Signature Enforcement DSE. Features Currently supports all EFI-compatible versions of Windows x64 ever released, from Vista SP1 to Server...

6.9AI score
Exploits0References15
CNVD
CNVD
added 2019/03/22 12:0 a.m.1 views

Buffer Overflow Vulnerability in Multiple IBM Products

The IBM Power System S922, among others, is a Power processor-based server device from IBM in the United States. A buffer overflow vulnerability exists in the boot loader in several IBM products. An attacker could exploit this vulnerability to overwrite the bootloader's instruction memory, bypass...

6.9CVSS7.2AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2019/03/21 4:0 p.m.20 views

CVE-2018-1992

The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker wer...

6.9CVSS6.5AI score0.00353EPSS
Exploits0References2
OSV
OSV
added 2019/03/21 4:0 p.m.4 views

CVE-2018-1992

The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker wer...

6.4CVSS6.1AI score0.00353EPSS
Exploits0References2
Prion
Prion
added 2019/03/21 4:0 p.m.16 views

Buffer overflow

The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker wer...

6.9CVSS6.5AI score0.00353EPSS
Exploits0References2Affected Software11
NVD
NVD
added 2019/02/23 2:29 p.m.20 views

CVE-2018-20785

Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...

7.4CVSS7.5AI score0.00466EPSS
Exploits1References1
OSV
OSV
added 2019/02/23 2:29 p.m.4 views

CVE-2018-20785

Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...

7.4CVSS5.9AI score0.00466EPSS
Exploits1References1
Prion
Prion
added 2019/02/23 2:29 p.m.19 views

Design/Logic Flaw

Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...

4.4CVSS7.5AI score0.00466EPSS
Exploits1References1Affected Software7
Cvelist
Cvelist
added 2019/02/23 2:0 p.m.21 views

CVE-2018-20785

Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, thi...

7.5AI score0.00466EPSS
Exploits1References1
CVE
CVE
added 2019/02/23 2:0 p.m.52 views

CVE-2018-20785

CVE-2018-20785 affects Neato Botvac Connected 2.2.0. The AM335x secure boot can be bypassed by issuing certain commands to the USB serial port during startup, allowing execution of an unsigned QNX IFS image via a boot menu (XMODEM). A power cycle does not fully reset the chip, leaving memory cont...

7.4CVSS7.4AI score0.00466EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/02/06 12:0 a.m.79 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0002)

The remote OracleVM system is missing necessary patches to address critical security updates : - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug:...

9.8CVSS6.8AI score0.03399EPSS
Exploits7References16
UbuntuCve
UbuntuCve
added 2019/02/01 12:0 a.m.50 views

CVE-2019-7308

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks...

5.6CVSS6.8AI score0.00543EPSS
Exploits0References7
Lenovo
Lenovo
added 2019/01/12 7:48 p.m.677 views

System x Secure Boot Vulnerability - US

Lenovo Security Advisory: LEN-20241 Potential Impact: Booting unauthenticated code Severity: High Scope of Impact: Lenovo-only CVE Identifier: CVE-2017-3775 Summary Description: Lenovo internal testing discovered some System x server BIOS/UEFI versions that, when Secure Boot mode is enabled by a...

6.9CVSS0.9AI score0.00271EPSS
Exploits0
Lenovo
Lenovo
added 2019/01/12 7:48 p.m.24 views

System x Secure Boot Vulnerability - Lenovo Support US

No description provided...

6.9CVSS6.4AI score0.00271EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/07 12:0 a.m.89 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4316)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4316 advisory. - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack...

10CVSS7AI score0.52189EPSS
Exploits4References23
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-3832-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.07611EPSS
Exploits28References2
Ubuntu
Ubuntu
added 2018/12/03 7:15 p.m.116 views

USN-3835-1: Linux kernel vulnerabilities

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...

7.8CVSS6.9AI score0.07611EPSS
Exploits28
Kitploit
Kitploit
added 2018/11/19 12:39 p.m.60 views

CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response

CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...

7.2AI score
Exploits0
Rows per page
Query Builder