Lucene search
+L

115 matches found

OSV
OSV
added 2018/06/26 4:29 p.m.19 views

CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...

5.5CVSS5.7AI score
Exploits0References2
CVE
CVE
added 2018/06/26 4:0 p.m.70 views

CVE-2018-1000205

CVE-2018-1000205 concerns the U-Boot bootloader, where CWE-20 Improper Input Validation exists in the Verified boot signature validation, allowing bypass of verified boot. The issue is exploitable via a specially crafted FIT image and device memory functionality. Affected details in connected doc...

5.5CVSS5.3AI score0.00713EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/06/26 4:0 p.m.42 views

CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...

5.5CVSS5.3AI score0.00713EPSS
Exploits0
myhack58
myhack58
added 2017/09/07 12:0 a.m.75 views

Samsung, Huawei and other phone Bootloader was traced to the presence of many high-risk bug-vulnerability warning-the black bar safety net

California University research team to create the main stream mobile platform in the bootloader exists in the code test and the DOS of the security gap. Workshop staff with a BootStomp to create 6 new found cracks, 5 of which division is the manufacturer to confirm. There is also a su XI reported...

7.1CVSS1.3AI score0.00365EPSS
Exploits0
ThreatPost
ThreatPost
added 2017/09/06 1:55 p.m.20 views

Multiple Vulnerabilities Found in NVIDIA, Qualcomm and Huawei's Bootloaders

Six exploitable flaws in chipsets used by Huawei, Qualcomm, MediaTek and NVIDIA were found in popular Android handsets, according to a report by University of California at Santa Barbara computer scientists. Each of the flaws exist in phones sold by Huawei, Sony and Google, and are tied to each o...

7.1CVSS0.9AI score0.00365EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2017/09/05 9:11 p.m.45 views

Mobile Bootloaders From Top Manufacturers Found Vulnerable to Persistent Threats

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California...

7.1CVSS7.4AI score0.00365EPSS
Exploits0
Prion
Prion
added 2017/08/11 3:29 p.m.17 views

Buffer overflow

In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image buffer, a buffer overflow can occur...

6.8CVSS8.2AI score0.00385EPSS
Exploits0References2
GoogleProjectZero
GoogleProjectZero
added 2017/02/08 12:0 a.m.41 views

Lifting the (Hyper) Visor: Bypassing Samsung’s Real-Time Kernel Protection

Posted by Gal Beniamini, Project Zero Traditionally, the operating system’s kernel is the last security boundary standing between an attacker and full control over a target system. As such, additional care must be taken in order to ensure the integrity of the kernel. First, when a system boots, t...

8AI score
Exploits0
OSV
OSV
added 2016/07/21 10:15 a.m.2 views

CVE-2016-5454

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...

6.4CVSS5.8AI score0.00323EPSS
Exploits0References4
NVD
NVD
added 2016/07/21 10:15 a.m.21 views

CVE-2016-5454

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...

6.4CVSS5.7AI score0.00323EPSS
Exploits0References4
OSV
OSV
added 2016/07/21 10:15 a.m.5 views

CVE-2016-5452

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...

5.5CVSS5.8AI score0.00383EPSS
Exploits0References4
NVD
NVD
added 2016/07/21 10:15 a.m.18 views

CVE-2016-5452

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...

5.5CVSS4.9AI score0.00383EPSS
Exploits0References4
Prion
Prion
added 2016/07/21 10:15 a.m.14 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...

5.4CVSS5.9AI score0.00323EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2016/07/21 10:15 a.m.18 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...

2.1CVSS5.8AI score0.00383EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/07/21 10:0 a.m.23 views

CVE-2016-5454

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...

5.7AI score0.00323EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2016/07/21 10:0 a.m.10 views

CVE-2016-5454

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...

5.8AI score0.00323EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2016/07/21 10:0 a.m.8 views

CVE-2016-5452

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...

5.6AI score0.00383EPSS
Exploits0References4
CVE
CVE
added 2016/07/21 10:0 a.m.39 views

CVE-2016-5452

CVE-2016-5452 affects Oracle Solaris 11.3 Verified Boot subcomponent. A local attacker could affect confidentiality by exploiting Verified Boot vulnerabilities; CVSS 3.0 indicates LOCAL, LOW complexity, LOW privileges required, with HIGH confidentiality impact. Connected sources confirm the issue...

5.5CVSS5.3AI score0.00383EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/07/21 10:0 a.m.21 views

CVE-2016-5452

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...

4.7AI score0.00383EPSS
Exploits0References4
CNVD
CNVD
added 2016/07/21 12:0 a.m.5 views

Oracle Sun Solaris Verified Boot Subcomponent Has Unspecified Vulnerability

Oracle Sun Solaris is a set of Unix-like operating systems from Oracle. A security vulnerability exists in the Verified Boot subcomponent of Oracle Sun Solaris version 11.3. A local attacker could exploit the vulnerability to read data and compromise the confidentiality of the data...

5.5CVSS6.3AI score0.00383EPSS
Exploits0References1
Rows per page
Query Builder