200 matches found

SUSE CVE
added 2026/06/12 2:32 a.m., 9 views

SUSE CVE-2026-8863

Multiple Microsoft-signed UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

7.8 CVSS, 6 AI score, 0.00078 EPSS
Exploits 0, References 3

CVE
added 2026/06/10 7:49 p.m., 43 views

CVE-2026-6893

CVE-2026-6893 affects the dracut project, specifically the legacy DHCP path. A remote attacker on an adjacent network can trigger root code execution in the initramfs by sending specially crafted DHCP options (for example, a malicious hostname). The options are improperly handled and written into...

7.5 CVSS, 6 AI score, 0.01104 EPSS
Exploits 0, References 5

Cvelist
added 2026/06/09 6:10 p.m., 31 views

CVE-2026-8863

Multiple Microsoft-signed UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

0.00078 EPSS
Exploits 0, References 2

RedhatCVE
added 2026/06/05 7:12 p.m., 8 views

CVE-2026-0539

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...

8.5 CVSS, 5.6 AI score, 0.00101 EPSS
Exploits 0, References 1

Vulnrichment
added 2026/06/01 10:5 p.m., 10 views

CVE-2026-24088 Missing Authentication for Critical Function in Boot

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

8.2 CVSS, 5.8 AI score, 0.00071 EPSS
Exploits 0, References 1

CNNVD
added 2026/06/01 12:0 a.m., 8 views

Qualcomm Chipsets access control error vulnerability

Qualcomm Chipsets are a series of chipsets developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets contain an access control vulnerability, which stems from encryption issues during the processing of partition table entries. This vulnerability may allow unauthorized modification...

7.1 CVSS, 5.3 AI score, 0.00062 EPSS
Exploits 0, References 1

Cvelist
added 2026/05/06 11:28 a.m., 25 views

CVE-2026-43240 x86/kexec: add a sanity check on previous kernel's ima kexec buffer

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...

0.00123 EPSS
Exploits 0, References 7

RedhatCVE
added 2026/03/26 3:11 p.m., 6 views

CVE-2026-32293

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3 CVSS, 5.9 AI score, 0.00332 EPSS
Exploits 0, References 1

EUVD
added 2026/03/25 12:30 p.m., 3 views

EUVD-2026-15353

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.7 AI score, 0.00122 EPSS
Exploits 0, References 5

Cvelist
added 2026/03/18 5:14 a.m., 25 views

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6 CVSS, 0.0014 EPSS
Exploits 0, References 5

Vulnrichment
added 2026/03/17 5:19 p.m., 3 views

CVE-2026-32293 GL-iNet Comet (GL-RM1) KVM insufficient certificate validation

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3 CVSS, 5.7 AI score, 0.00332 EPSS
Exploits 0, References 4

CVE
added 2026/03/17 5:19 p.m., 19 views

CVE-2026-32293

The affected device is the GL-iNet Comet (GL-RM1) KVM. During boot, it connects to a GL-iNet site to provision client and CA certificates, but it does not verify the certificates used for this connection. This enables a network attacker to perform a man-in-the-middle attack to serve invalid clien...

6.3 CVSS, 5.7 AI score, 0.00332 EPSS
Exploits 0, References 4, Affected Software 1

Cvelist
added 2026/03/17 5:19 p.m., 22 views

CVE-2026-32293 GL-iNet Comet (GL-RM1) KVM insufficient certificate validation

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3 CVSS, 0.00332 EPSS
Exploits 0, References 4

RedhatCVE
added 2026/01/15 12:23 a.m., 13 views

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

6.1 CVSS, 6.4 AI score, 0.00198 EPSS
Exploits 0, References 1

Positive Technologies
added 2026/01/14 12:0 a.m., 5 views

PT-2026-2919

Name of the Vulnerable Software and Affected Versions: Blurams Flare Camera versions 24.1114.151.929 and earlier. Description: A flaw exists in the boot process of the Blurams Flare Camera that allows a nearby attacker to take control of the boot mechanism and obtain a bootloader shell through the...

6.1 CVSS, 6.3 AI score, 0.00198 EPSS
Exploits 0, References 5

CNNVD
added 2026/01/14 12:0 a.m., 2 views

Blurams Flare Camera security vulnerability

Blurams Flare Camera is a camera from Blurams USA. A security vulnerability exists in Blurams Flare Camera 24.1114.151.929 and earlier versions, which stems from a flaw in the boot process and could lead to the disclosure of sensitive information...

6.1 CVSS, 6.4 AI score, 0.00198 EPSS
Exploits 0, References 4

Vulnrichment
added 2026/01/14 12:0 a.m., 4 views

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

6.1 AI score, 0.00198 EPSS
Exploits 0, References 3

ATTACKERKB
added 2026/01/14 12:0 a.m., 5 views

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

6.1 CVSS, 5.6 AI score, 0.00198 EPSS
Exploits 0, References 4

CVE
added 2026/01/14 12:0 a.m., 13 views

CVE-2025-65396

Affected product: Blurams Flare Camera (versions 24.1114.151.929 and earlier). Vulnerability cause: In the boot process, a read error from the SPI flash memory is induced by shorting a data pin to ground, allowing a physically proximate attacker to hijack the boot mechanism and gain a bootloader ...

6.1 CVSS, 6.1 AI score, 0.00198 EPSS
Exploits 0, References 3, Affected Software 1

NVD
added 2026/01/07 9:15 p.m., 7 views

CVE-2025-64305

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

7.1 CVSS, 0.00144 EPSS
Exploits 0, References 2