Lucene search
K

426 matches found

OSV
OSV
added 2018/07/09 7:29 p.m.5 views

CVE-2017-3197

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

9.8CVSS5.9AI score0.05641EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2018/04/20 12:0 a.m.6 views

The vulnerability of the S Boot loader of the Samsung mobile operating system allows a hacker to execute arbitrary code.

The vulnerability of the S Boot loader of the Samsung mobile operating system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

8.4CVSS5.8AI score0.00424EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2018/02/02 5:1 a.m.23 views

Symlink Privilege Escalation

spring-boot-loader-tools is vulnerable to symlink privilege escalation attacks. The runuser can overwrite and take over ownership of any file on the system by using a symlink attack. The application must be installed as a service and the runuser must have shell access in order to successfully...

5.9CVSS5.9AI score0.01235EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/11/22 7:29 p.m.5 views

CVE-2017-8149

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attack...

5.5CVSS6.1AI score0.00531EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 7:29 p.m.24 views

CVE-2017-8150

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker wi...

9.3CVSS7.8AI score0.00958EPSS
Exploits0References1
NVD
NVD
added 2017/11/16 10:29 p.m.20 views

CVE-2017-9721

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image...

7.8CVSS7.5AI score0.00137EPSS
Exploits0References1
Prion
Prion
added 2017/11/16 10:29 p.m.14 views

Buffer overflow

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image...

4.6CVSS7.6AI score0.00137EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/03 12:0 a.m.4 views

Lenovo E95 and ThinkCentre M710s/M710t Unauthorized Vulnerability

The Lenovo E95 and ThinkCentre M710s/M710t are both desktop computers from the Chinese company Lenovo Lenovo. A security vulnerability exists in the Lenovo E95 and ThinkCentre M710s/M710t, which arises from a program that fails to adequately protect the system boot process. An attacker could...

7.5CVSS6.8AI score0.00822EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/11/03 12:0 a.m.4 views

The vulnerability of the initial loader of Motorola’s Android operating system allows a hacker to increase their privileges.

The vulnerability of the initial loader on Motorola’s Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

9.8CVSS7.8AI score0.00498EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/05/25 12:0 a.m.7 views

The vulnerability of the initial loader of Qualcomm’s Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the initial loader of the Qualcomm Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3CVSS7.8AI score0.00579EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/01/23 9:59 p.m.3 views

ALPINE-CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

7.9CVSS6.7AI score0.00441EPSS
Exploits0References1
OSV
OSV
added 2017/01/23 9:59 p.m.1 views

DEBIAN-CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

7.9CVSS8.4AI score0.00441EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/01/23 9:59 p.m.36 views

CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

7.9CVSS7.2AI score0.00441EPSS
Exploits0References2
OSV
OSV
added 2017/01/23 9:59 p.m.2 views

UBUNTU-CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

7.9CVSS7.3AI score0.00441EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/12/07 12:0 a.m.38 views

Debian Security Advisory DSA 3729-1 (xen - security update)

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7777 XSA-190 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially allowi...

7.2CVSS0.5AI score0.00509EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/11/25 12:0 a.m.47 views

Debian DLA-720-1 : xen security update

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-9379, CVE-2016-9380 XSA-198 pygrub, the boot loader emulator, fails to quote or sanity check its results when reporting them to its...

8.8CVSS7.5AI score0.00509EPSS
Exploits0References8
CNVD
CNVD
added 2016/08/10 12:0 a.m.21 views

Microsoft Secure Boot Security Feature Bypass Vulnerability

Microsoft Windows is the popular computer operating system. A security vulnerability exists in Windows Secure Boot due to the program not loading the boot manager correctly. An attacker with access privileges is allowed to exploit the vulnerability to bypass the Secure Boot protection mechanism...

4.9CVSS6.8AI score0.05008EPSS
Exploits0References1
myhack58
myhack58
added 2015/01/16 12:0 a.m.27 views

Use HTC One vulnerability to crack mobile PIN password-vulnerability warning-the black bar safety net

HTC One phone is running Android 4.2.2 and HBOOT 1.54.0000, it exists a file called Bootloader vulnerability. This vulnerability early in the 2 0 1 4 year 2 month's report to the HTC official, and at times months to fix the vulnerability. In get HTC official consent, we will now take the entire...

0.6AI score
Exploits0
NVD
NVD
added 2012/10/31 4:55 p.m.18 views

CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

2.7CVSS6AI score0.00923EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2012/10/31 4:0 p.m.37 views

CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

2.7CVSS5.3AI score0.00923EPSS
Exploits0
Rows per page
Query Builder