SUSE CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

SUSE CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

CVE-2024-49422

CVE-2024-49422 describes a protection mechanism failure in the bootloader of Samsung mobile devices. Prior to SMR Oct-2024 Release 1, the bootloader protection can be bypassed by a hardware fault injection, allowing a physical attacker to reset the lockscreen failure count. The exploit requires u...

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from a failure in the bootloader protection mechanism, allowing a physical...

PT-2024-33533

Name of the Vulnerable Software and Affected Versions Bootloader versions prior to SMR Oct-2024 Release 1 Description A failure in the protection mechanism of the bootloader allows physical attackers to reset the lockscreen failure count by injecting a hardware fault. This issue requires user...

UBUNTU-CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

GNU GRUB 安全漏洞

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability that originates from a boundary error in fs/hfs.c when handling untrusted input. An attacker could exploit the vulnerability via a heap-based buffer overflow caused by carefully...

Cisco NX-OS Software Image Verification Bypass (cisco-sa-nxos-image-sig-bypas-pQDRQvjL)

According to its self-reported version, the remote device is affected by a vulnerability. - A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative...

Cisco NX-OS Software Access Control Error Vulnerability (CNVD-2025-01388)

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. The Cisco NX-OS Software suffers from an Access Control Error vulnerability, which arises from an insecure bootloader setting, and can be exploited by an attacker to bypass...

CLSA-2024-1734041590 Update of grub2

Update version and epoch...

ROS-20241209-01

A vulnerability in AMD EPYC™ AGESA™ PI packages is related to incorrect input and range validation in the header of an AMD Secure Processor ASP bootloader image. of the AMD Secure Processor ASP bootloader image. Exploitation of the vulnerability could allow an attacker to, use attacker-controlled...

CVE-2024-20397

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure...

CVE-2024-20397

Cisco NX-OS Software is affected by a bootloader vulnerability (CVE-2024-20397) that allows bypassing image signature verification. The issue stems from insecure bootloader settings and can be exploited by executing bootloader commands to load unverified software. Attacker access requirements: un...

CVE-2024-20397 Cisco NX-OS Software Image Verification Bypass Vulnerability

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure...

CVE-2024-20397 Cisco NX-OS Software Image Verification Bypass Vulnerability

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure...