27 matches found
Astra Linux - уязвимость в u-boot
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy to overwrite a very large amount of data including the entire stack, while reading a crafted ext4 filesystem...
Vulnerabilities fixed in Cisco IOS XE Software
Cisco has fixed vulnerabilities in Cisco IOS XE Software, specifically for several products such as Catalyst 9000 Series Switches, Catalyst CW9800 Family, and Cisco Meraki. The vulnerabilities include several issues, such as a memory leak in the IKEv2 implementation, vulnerabilities in the DHCP...
Cisco IOS XE Software for Catalyst Rugged Series Switches Secure Boot Bypass (cisco-sa-xe-secureboot-bypass-B6uYxYSZ)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series...
CVE-2025-29951
A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...
Astra Linux - уязвимость в u-boot
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration...
EUVD-2017-9740
Malware in sbrugna...
EUVD-2022-37258
Malicious code in bioql PyPI...
EUVD-2022-37259
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-1000205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack...
grub2: fs/ufs: OOB write in the heap
A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure...
GNU GRUB 安全漏洞
GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a null pointer dereference vulnerability that stems from not properly setting ERRNO when an HFS+grub mount fails, which can lead to null pointer access. An attacker can exploit this vulnerability to perform...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from a failure in the bootloader protection mechanism, allowing a physical...
AMD Secure Processor Security Vulnerability
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from AMD. A security vulnerability exists in AMD Secure Processor, which stems from the fact that insufficient validation of the SPI flash address in the bootloader could allow an attacker to read data mapped to memory other than the SP...
SUSE CVE-2021-26347
Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...
AMD Secure Processor(ASP) 输入验证错误漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a security vulnerability that stems from inadequate system call input validation in the Bootloader, which could allow a privileged attacker to read memory outside of...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android 11 has a security vulnerability that stems from a security flaw in the system's Pixel Bootloader...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android 11 has a security vulnerability that stems from a security flaw in the system's Pixel Bootloader...
Samsung Tizen 输入验证错误漏洞
Samsung Tizen is an open-source Linux-based mobile operating system from Samsung, South Korea, for smartphones, tablets, smartwatches, netbooks, in-vehicle messaging and entertainment devices, and smart TVs. A code injection vulnerability exists in Samsung Tizen, which stems from a faulty input...
CVE-2021-34397
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service...
DEBIAN-CVE-2021-27097
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...