1778 matches found
CVE-2023-3487
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots...
Integer overflow
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots...
CVE-2023-3487 Integer overflow in Silicon Labs Gecko Bootloader leads to unbounded memory access
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots...
CVE-2023-3487 Integer overflow in Silicon Labs Gecko Bootloader leads to unbounded memory access
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots...
CVE-2023-3487
The CVE-2023-3487 entry affects Silicon Labs Gecko Bootloader versions 4.3.1 and earlier, caused by an integer overflow that enables unbounded memory access when reading from or writing to storage slots. The vulnerability could impact firmware handling of storage slots, with the disclosed data in...
PT-2023-25042 · Silicon · Gecko Bootloader
Name of the Vulnerable Software and Affected Versions: Silicon Labs Gecko Bootloader versions 4.3.1 and earlier Description: The issue is related to an integer overflow in the Gecko Bootloader, which allows unbounded memory access when reading from or writing to storage slots. Recommendations: Fo...
Silicon Labs Gecko Bootloader Input Validation Error Vulnerability
Silicon Labs Gecko Bootloader is a bootloader from Silicon Labs, Inc. A security vulnerability exists in Silicon Labs Gecko Bootloader version 4.3.1 and prior versions that originated from allowing unrestricted memory access while reading or writing to a memory slot...
PT-2023-5885 · Grub2 +10 · Grub2 +10
Name of the Vulnerable Software and Affected Versions: Grub2 affected versions not specified Description: The issue is related to an out-of-bounds read flaw in Grub2's NTFS filesystem driver. This flaw may allow a physically present attacker to present a specially crafted NTFS file system image t...
Fastboot Fuzzing
TL;DR The Fastboot protocol can often have hidden commands Those commands can do interesting things Conventionally they’re found by reverse engineering Cant find a copy of the firmware? Guess the commands A custom implementation of the protocol enables fuzzing via dictionary or brute force A simp...
CVE-2023-4041
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...
CVE-2023-4041
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...
Buffer overflow
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...
CVE-2023-4041 Second Stage Gecko Bootloader GBL Parser Buffer Overrun Vulnerability
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...
CVE-2023-4041
Silicon Labs Gecko Bootloader (ARM) contains a Buffer Copy without Checking Size ('Classic Buffer Overflow') along with an Out-of-bounds Write and Download of Code Without Integrity Check in its Firmware Update File Parser. This vulnerability may allow Code Injection and Authentication Bypass in ...
Silicon Labs Gecko Bootloader 安全漏洞
Silicon Labs Gecko Bootloader is a bootloader from Silicon Labs, Inc. A security vulnerability exists in Silicon Labs Gecko Bootloader that stems from not checking input size, resulting in buffer overflows, out-of-bounds writes, and more...
CVE-2023-39950
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
Code injection
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
CVE-2023-39950 Insufficient input validation in efibootguard
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
CVE-2023-39950 Insufficient input validation in efibootguard
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
CVE-2023-39950 Insufficient input validation in efibootguard
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...