CVE-2019-5699

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, co...

CVE-2019-20567

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. A upparm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 September 2019...

CVE-2018-21089

An issue was discovered on Samsung mobile devices with N7.x MT6755/MT6757 Mediatek models software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 January 2018...

CVE-2019-5700

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure...

CVE-2019-20594

An issue was discovered on Samsung mobile devices with O8.1 and P9.0 Exynos chipsets software. A heap overflow exists in the bootloader. The Samsung ID is SVE-2019-14371 July 2019...

CVE-2019-20548

An issue was discovered on Samsung mobile devices with P9.0 devices Qualcomm chipsets software. There is a buffer overflow in the bootloader. The Samsung ID is SVE-2019-15399 November 2019...

CVE-2019-14715

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...

CVE-2018-21070

An issue was discovered on Samsung mobile devices with N7.x, O8.0 devices MSM8998 or SDM845 chipsets software. An attacker can bypass Secure Boot and obtain root access because of a missing Bootloader integrity check. The Samsung ID is SVE-2018-11552 May 2018...

CVE-2019-17391

An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker with physical access to the device to read the contents of read-protected eFuses, such as flash encryption and...

SUSE-SU-2025:01615-1 Security update for grub2

This update for grub2 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x8664 and aarch64 architectures are unchanged. Also the following issue were fixed: - CVE-2025-4382: TPM auto-decryption data exposure bsc1242971 - Fix...

K000151375: Intel Slim Bootloader vulnerability CVE-2025-20083

Security Advisory Description Improper authentication in the firmware for the IntelR Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20083 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

CVE-2025-20083

Improper authentication in the firmware for the IntelR Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20083

Improper authentication in the firmware for the IntelR Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20083

Improper authentication in the firmware for the IntelR Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20083

CVE-2025-20083 affects Intel® Slim Bootloader. Description: improper authentication in the firmware may allow a privileged user to escalate privileges via local access. References indicate Intel issued an advisory (INTEL-SA-01290) with mitigation guidance and affected platforms; CVSS scores shown...

CVE-2025-20083

Improper authentication in the firmware for the IntelR Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access...

grub2: commands/extcmd: Missing check for failed allocation

A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...

grub2: reader/jpeg: Heap OOB Write during JPEG parsing

A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...

grub2: fs/ufs: OOB write in the heap

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure...

Intel® Slim Bootloader Advisory

Summary: A potential security vulnerability in the Intel® Slim Bootloader may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20083 Description: Improper authentication in the firmware for the Inte...