CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-37260

Malicious code in bioql PyPI...

6.7CVSS8AI score0.00112EPSS

Exploits0References4

OSV•added 2025/03/14 3:44 p.m.•1 views

OESA-2025-1281 syslinux security update

The Syslinux Project covers lightweight bootloaders for MS-DOS FAT filesystems SYSLINUX, network booting PXELINUX, bootable "El Torito" CD-ROMs ISOLINUX, and Linux ext2/ext3/ext4 or btrfs filesystems EXTLINUX. The project also includes MEMDISK, a tool to boot legacy operating systems such as DOS...

5.3CVSS7.1AI score0.02019EPSS

Exploits1References2

Rapid7 Blog•added 2024/02/29 5:32 p.m.•58 views

How To Hunt For UEFI Malware Using Velociraptor

UEFI threats have historically been limited in number and mostly implemented by nation state actors as stealthy persistence. However, the recent proliferation of Black Lotus on the dark web, Trickbot enumeration module late 2022, and Glupteba November 2023 indicates that this historical trend may...

4.9CVSS6.9AI score0.33643EPSS

Exploits1

RedHat Linux•added 2023/05/09 10:3 a.m.•2 views

shim: 3rd party shim allow secure boot bypass

A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use...

6.7CVSS6.1AI score0.00112EPSS

Exploits0References6

NVD•added 2022/08/26 6:15 p.m.•19 views

CVE-2022-34302

A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...

6.7CVSS0.00143EPSS

Exploits0References3

NVD•added 2022/08/26 6:15 p.m.•20 views

CVE-2022-34303

6.7CVSS0.00112EPSS

Exploits0References3

ATTACKERKB•added 2022/08/26 6:15 p.m.•2 views

CVE-2022-34301

A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...

6.7CVSS7.3AI score0.00125EPSS

Exploits0References4

Prion•added 2022/08/26 6:15 p.m.•19 views

Input validation

4CVSS7AI score0.00125EPSS

Exploits0References3Affected Software5

Prion•added 2022/08/26 6:15 p.m.•27 views

Input validation

4CVSS7AI score0.00112EPSS

Exploits0References3Affected Software5

Cvelist•added 2022/08/26 12:0 a.m.•22 views

CVE-2022-34303

8.5AI score0.00112EPSS

Exploits0References3

Cvelist•added 2022/08/26 12:0 a.m.•19 views

CVE-2022-34301

8.5AI score0.00125EPSS

Exploits0References3

CVE•added 2022/08/26 12:0 a.m.•209 views

CVE-2022-34303

CVE-2022-34303 describes a Secure Boot bypass in signed 3rd‑party UEFI bootloaders (Eurosoft) where an attacker can substitute the current signed bootloader with a malicious one to load unsigned code in the pre-boot phase. Access to the EFI System Partition is required to boot via external media,...

6.7CVSS8.2AI score0.00112EPSS

Exploits0References3Affected Software1

CVE•added 2022/08/26 12:0 a.m.•132 views

CVE-2022-34301

CVE-2022-34301 describes a vulnerability in third‑party UEFI bootloaders (CryptoPro Secure Disk) that can bypass Secure Boot and execute unsigned code in the pre‑boot phase. An attacker must access the EFI System Partition and replace the signed bootloader with a vulnerable one, enabling local co...

6.7CVSS8.2AI score0.00125EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2022/08/23 3:9 p.m.•123 views

CVE-2022-34303

7.2CVSS7.4AI score0.00112EPSS

Exploits0References5

RedhatCVE•added 2022/08/23 3:9 p.m.•206 views

CVE-2022-34301

7.2CVSS7.4AI score0.00125EPSS

Exploits0References5

RedhatCVE•added 2022/08/23 2:41 p.m.•79 views

CVE-2022-34302

7.5CVSS7.4AI score0.00143EPSS

Exploits0References5

CERT•added 2022/08/11 12:0 a.m.•164 views

Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass

Overview A security feature bypass vulnerability exists in signed 3rd party UEFI bootloaders that allows bypass of the UEFI Secure Boot feature. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure Boot feature and execute unsigned code during the boot process...

6.7CVSS7.5AI score0.00143EPSS

Exploits0References8

Positive Technologies•added 2022/08/09 12:0 a.m.•1 views

PT-2022-4307 · Microsoft +3 · Windows +3

Name of the Vulnerable Software and Affected Versions: Eurosoft bootloaders versions prior to 2022-06-01 Description: A flaw was found in Eurosoft bootloaders that allows an attacker to bypass or tamper with Secure Boot protections. To load and execute arbitrary code in the pre-boot stage, an...

6.7CVSS6.9AI score0.00143EPSS

Exploits0References28

CNVD•added 2022/04/11 12:0 a.m.•10 views

Huawei FLMG-10 Authorization Issues Vulnerability

Huawei FLMG-10 is a high-end Bluetooth remote control speaker from Huawei, China. The Huawei FLMG-10 suffers from an authorization issue vulnerability that stems from incorrect authentication issues. A local attacker can exploit the vulnerability to install a persistent and cryptic bootstrap or...

7.2CVSS7.4AI score0.00019EPSS

Exploits0References1

Huawei•added 2020/09/23 12:0 a.m.•49 views

Security Advisory - Buffer Overflow Vulnerability BootHole in GRUB2 Secure Boot

Eclypsium researchers have discovered a vulnerability named“BootHole”in the GRUB2 bootloader. There is a buffer overflow vulnerability that can be used to gain arbitrary code execution during the boot process, even when Secure Boot is enabled. Attackers exploiting this vulnerability can install...

8.2CVSS8.8AI score0.00369EPSS

Exploits0Affected Software6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by