Operator can cause funds to be stolen by manipulating gas fee refund

Lines of code Vulnerability details Impact An operator can manipulate the refund of gas fee mechanism to steal from the bootloader balance. Inside refundCurrentL2Transaction function in the bootloader where the refund is happening for the refund recipient at L1097, the operator provides a value f...

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure (cisco-sa-iosxr-load-infodisc-9rdOr5Fq)

According to its self-reported version, Cisco IOS XR is affected by an information disclosure vulnerability. An unauthenticated attacker with physical access can exploit this, by being connected to the console port when the device is power cycled, in order to view sensitive files. Please see the...

Cisco IOS XR 安全漏洞

Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which stems from a security issue in GRand Unified Bootloader GRUB, which can be exploited by an attacker to view sensitive files on the console using the GRUB bootload...

CVE-2023-20064

CVE-2023-20064 affects Cisco IOS XR Software. A vulnerability in the GRand Unified Bootloader (GRUB) allows a local, unauthenticated attacker with physical access to view sensitive files via the console during power-cycle, due to unnecessary commands in the GRUB environment. Exploitation requires...

CVE-2023-20064 Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability

A vulnerability in the GRand Unified Bootloader GRUB for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary comman...

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability

A vulnerability in the GRand Unified Bootloader GRUB for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary comman...

PT-2023-2264 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the GRand Unified Bootloader GRUB for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive fil...

The vulnerability of the Bootloader component of AMD processors allows a hacker to trigger a system failure.

The vulnerability of the Bootloader component of AMD processors exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

OESA-2023-1121 shim security update

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. Security Fixes: There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structur...

Bootloader mode vulnerability in Flexi Soft Gateways v3

The SICK PSIRT received a report about a Missing Authentication for Critical Function vulnerability in the firmware of FX0-GPNT v3 and FX0-GENT v3. This vulnerability was introduced with the hardware redesign of the v3 of FX0-GENT and FX0-GPNT as part of the implementation of the RK512 protocol...

SUSE CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

SUSE CVE-2016-10277

An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

SUSE CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

SUSE CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...

SUSE CVE-2019-14198

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv3 case...

SUSE CVE-2019-14865

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots...

SUSE CVE-2020-15707

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

SUSE CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

SUSE CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

SUSE CVE-2022-34301

A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...