Lucene search
K

1788 matches found

Fedora
Fedora
added 2021/12/26 1:10 a.m.30 views

[SECURITY] Fedora 34 Update: grub2-2.06-9.fc34

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

3.3CVSS1.5AI score0.00311EPSS
Exploits0
Fedora
Fedora
added 2021/12/12 1:11 a.m.47 views

[SECURITY] Fedora 35 Update: grub2-2.06-10.fc35

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

1.5AI score0.00311EPSS
Exploits0
OSV
OSV
added 2021/12/10 1:15 p.m.4 views

CVE-2021-37188

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may load customized firmware because the bootloader does not verify that it is authentic, changing the behavior of the gateway...

8.8CVSS5.8AI score0.00465EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/10 12:0 a.m.5 views

Digi International Digi TransPort 数据伪造问题漏洞

The Digi International Digi TransPort is a full-featured cellular router from Digi International USA. The Digi TransPort suffers from a Data Forgery Issue vulnerability that originates from an authenticated attacker who could use the vulnerability to potentially load customized firmware since the...

8.8CVSS8AI score0.00465EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 7:14 p.m.14 views

Security Bulletin: This Power System update is being released to address CVE 2018-1992

Summary POWER9: In response to a buffer overflow vulnerability on the boot loader, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2018-1992. Vulnerability Details CVEID: CVE-2018-1992 DESCRIPTION: The IBM POWER9 boot firmware'...

6.9CVSS2.3AI score0.00353EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.3 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android 11 has a security vulnerability that stems from a security flaw in the system's Pixel Bootloader...

10CVSS8.3AI score0.00543EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.2 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android 11 has a security vulnerability that stems from a security flaw in the system's Pixel Bootloader...

9.8CVSS8.3AI score0.00453EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/11/17 12:0 a.m.3 views

grub2 安全漏洞

grub2 is a Linux system boot program from the American GNU community. A security vulnerability exists in grub2 that stems from incorrect permissions in grub.cfg, which allow unprivileged users to read the contents of the file...

3.3CVSS5.6AI score0.00311EPSS
Exploits0References14
The Hacker News
The Hacker News
added 2021/11/16 6:52 a.m.26 views

New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks

A new politically-motivated hacker group named "Moses Staff" has been linked to a wave of targeted attacks targeting Israeli organizations since September 2021 with the goal of plundering and leaking sensitive information prior to encrypting their networks, with no option to regain access or...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.5 views

AMD Secure Processor 输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from AMD. An input validation error vulnerability exists in multiple AMD products that stems from incorrect input and range checking in the Platform Secure Processor PSP bootloader image header that could allow an attacker to use...

7.8CVSS7AI score0.00286EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/09/28 2:40 p.m.2 views

grub2: Use-after-free in rmmod command

A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...

8.2CVSS5.9AI score0.01152EPSS
Exploits0References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/09/01 5:10 a.m.63 views

Why the Raspberry Pi isn’t suitable for IoT

Let’s start by praising the Raspberry Pi: it has brought cheap computing to many, has inspired and enabled education and undoubtedly been a huge benefit. I use my own Pi daily, and we have often used its flexibility to perform hardware testing, from accessing UART to reading flash memory. So why ...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 8:50 p.m.3 views

bootloader (>=0.10.0 <=0.10.13), libertyos_kernel (>=0.14.0 <=0.17.5) +1 more potentially affected by CVE-2020-36208 via conquer-once (=0.2.1)

conquer-once CARGO version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on conquer-once and may be impacted: - bootloader =0.10.0, =0.14.0, =0.1.0, =0.2.6 Source cves: CVE-2020-36208 Source advisory: OSV:GHSA-3JC5-5HC5-33GJ...

7.8CVSS7.1AI score0.00426EPSS
Exploits1
NVD
NVD
added 2021/08/11 10:15 p.m.14 views

CVE-2021-1111

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

6.7CVSS0.00281EPSS
Exploits0References1
OSV
OSV
added 2021/08/11 10:15 p.m.3 views

CVE-2021-1111

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

6.7CVSS6.9AI score0.00281EPSS
Exploits0References1
Prion
Prion
added 2021/08/11 10:15 p.m.21 views

Buffer overflow

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

4.6CVSS6.5AI score0.00281EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/11 9:33 p.m.85 views

CVE-2021-1111

The CVE-2021-1111 entry concerns NVIDIA Jetson bootloader (NV3P server). Affected components are bootloader code on Jetson Linux devices (Jetson AGX Xavier, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano). The vulnerability arises from an incorrect bounds check in the bootloader ...

6.7CVSS6.4AI score0.00281EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/11 9:33 p.m.26 views

CVE-2021-1111

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

6.7CVSS6.8AI score0.00281EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/08/09 5:28 a.m.1783 views

Breaking the Android Bootloader on the Qualcomm Snapdragon 660

This post is a companion to the DEF CON 29 video available here. A few months ago I purchased an Android phone to do some research around a specific series of NFC chips, which required me to gain root access to the device in order to fully access its hardware capabilities. Gaining root access on...

7.2CVSS8AI score0.00199EPSS
Exploits0
CNVD
CNVD
added 2021/08/06 12:0 a.m.29 views

NVIDIA Bootloader Buffer Overflow Vulnerability

NVIDIA Bootloader is a bootloader component from Nvidia Corporation. NVIDIA Bootloader is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause information disclosure, data integrity, and information disclosure restrictions across all components...

6.7CVSS6.1AI score0.00281EPSS
Exploits0References1
Rows per page
Query Builder