Exploit for Acceptance of Extraneous Untrusted Data With Trusted Data in Microsoft

BitUnlocker Downgrade Attack A proof of concept for accessing...

CVE-2025-71119

In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Waking offline cpu 228...

CVE-2025-11577

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

EUVD-2025-34225

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

CVE-2025-11577

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

CVE-2025-11577

CVE-2025-11577 concerns Clevo UEFI firmware updates that were found to contain private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposed keys could allow an attacker to sign malicious firmware that would be validated as trusted during pre-boot, potentially compro...

CVE-2025-11577 Clevo UEFI firmware exposed Boot Guard private keys, enabling potential abuse of the Boot Guard trust chain

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

CVE-2025-11577 Clevo UEFI firmware exposed Boot Guard private keys, enabling potential abuse of the Boot Guard trust chain

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining th...

PT-2023-17860 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue allows for local escalation of privilege due to a missing warning to the user, enabling the device to boot with a hidden debug policy. This can be exploited by preparing the...

CVE-2016-7247

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component Vulnerability."...

Design/Logic Flaw

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component Vulnerability."...

MS16-140: Security update for boot manager: November 8, 2016

Resolves a vulnerability in Windows that could allow security feature bypass if a physically-present attacker installs an affected boot policy.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow a security feature bypass if a physically present...

MS15-111: Security Update for Windows Kernel to Address Elevation of Privilege (3096447)

The remote Windows host is affected by the following vulnerabilities : - Multiple elevation of privilege vulnerabilities exist in the Windows kernel due to improper handling of objects in memory. A local attacker can exploit these vulnerabilities, via a specially crafted application, to execute...