Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1779 matches found

RedHat Linux
RedHat Linuxadded 2020/07/29 7:40 p.m.2 views

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

6.4CVSS7AI score0.00024EPSS
Exploits0References4
The Hacker News
The Hacker Newsadded 2020/07/29 7:13 p.m.0 views

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed 'BootHole ' and tracked as...

8.2CVSS7.9AI score0.00369EPSS
Exploits0
The Hacker News
The Hacker Newsadded 2020/07/29 7:13 p.m.214 views

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed 'BootHole' and tracked as...

8.2CVSS1.1AI score0.00369EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2020/07/29 6:34 p.m.2 views

grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow

A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...

6.7CVSS7.3AI score0.00045EPSS
Exploits0References4
OSV
OSVadded 2020/07/29 6:15 p.m.1 views

DEBIAN-CVE-2020-15706

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

6.4CVSS9.3AI score0.00044EPSS
Exploits0References1
OSV
OSVadded 2020/07/29 5:0 p.m.0 views

UBUNTU-CVE-2020-15707

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

6.4CVSS7.5AI score0.00031EPSS
Exploits1References7
Debian
Debianadded 2020/07/29 4:59 p.m.76 views

[SECURITY] [DSA 4735-1] grub2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4735-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez July 29, 2020 https://www.debian.org/security/faq -...

8.2CVSS8.8AI score0.00369EPSS
Exploits1
Positive Technologies
Positive Technologiesadded 2020/07/29 12:0 a.m.6 views

PT-2020-6737 · Grub2 +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: GRUB2 versions 2.04 and prior Description: The issue is related to an incorrect validation of cryptographic signatures in the GRUB2 bootloader, which can allow an attacker to bypass secure boot and execute arbitrary code, gaining full control...

8.2CVSS7.1AI score0.04702EPSS
Exploits2References167
Positive Technologies
Positive Technologiesadded 2020/07/29 12:0 a.m.5 views

PT-2020-3312 · Gnu +8 · Grub2 +8

The vulnerable software is GRUB2, a widely used bootloader for Linux and other operating systems. The affected versions are prior to 2.06. The issue is caused by a buffer overflow in the GRUB2 configuration file, which can be exploited by attackers to gain arbitrary code execution during the boot...

8.2CVSS7.6AI score0.04702EPSS
Exploits2References220
OSV
OSVadded 2020/06/29 6:15 p.m.2 views

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

5.3CVSS7AI score
Exploits0References1
CNVD
CNVDadded 2020/06/04 12:0 a.m.2 views

Cisco IOS XE Command Injection Vulnerability (CNVD-2020-31959)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in the handling of bootloader options in Cisco IOS XE Software, which arises from insufficient validation of input information when handlin...

7.2CVSS7.8AI score0.00208EPSS
Exploits0References1
CNVD
CNVDadded 2020/05/12 12:0 a.m.2 views

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-30170)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices suffer from a buffer overflow vulnerability that can be exploited by an attacker to bypass the Secure Bootloader protection mechanism via a...

10CVSS7.9AI score0.00288EPSS
Exploits0References1
NVD
NVDadded 2020/05/11 4:15 p.m.9 views

CVE-2020-12753

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving rawresources. The LG ID is LVE-SMP-200006 May 2020...

9.8CVSS9.6AI score0.06285EPSS
Exploits2References3
OSV
OSVadded 2020/05/11 4:15 p.m.2 views

CVE-2020-12753

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving rawresources. The LG ID is LVE-SMP-200006 May 2020...

9.8CVSS6.2AI score0.06285EPSS
Exploits2References3
NVD
NVDadded 2020/05/11 4:15 p.m.13 views

CVE-2020-12747

An issue was discovered on Samsung mobile devices with Q10.0 Exynos980 9630 and Exynos990 9830 chipsets software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 May 2020...

9.8CVSS9.8AI score0.00159EPSS
Exploits0References1
OSV
OSVadded 2020/05/11 4:15 p.m.3 views

CVE-2020-12747

An issue was discovered on Samsung mobile devices with Q10.0 Exynos980 9630 and Exynos990 9830 chipsets software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 May 2020...

9.8CVSS6.1AI score
Exploits0References1
OSV
OSVadded 2020/05/11 4:15 p.m.3 views

CVE-2020-12746

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 Exynos chipsets software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 May 2020...

9.8CVSS7.8AI score
Exploits0References1
NVD
NVDadded 2020/05/11 4:15 p.m.17 views

CVE-2020-12746

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 Exynos chipsets software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 May 2020...

10CVSS9.9AI score0.00288EPSS
Exploits0References1
Prion
Prionadded 2020/05/11 4:15 p.m.17 views

Heap overflow

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 Exynos chipsets software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 May 2020...

10CVSS9.8AI score0.00288EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2020/05/11 4:15 p.m.16 views

Heap overflow

An issue was discovered on Samsung mobile devices with Q10.0 Exynos980 9630 and Exynos990 9830 chipsets software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 May 2020...

7.5CVSS9.7AI score0.00159EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder