26 matches found
Exploit for CVE-2025-57428
My security advisories CVE-2025-57428 - Telnet debug interf...
EUVD-2019-5479
Malware in sbrugna...
EUVD-2019-5481
Malware in sbrugna...
EUVD-2023-57336
Malicious code in bioql PyPI...
EUVD-2025-26115
Malicious code in bioql PyPI...
CVE-2025-57428
Default credentials in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to gain access to the debug shell exposed via Telnet on Port 23 and execute hardware-level flash and register manipulation commands...
Exploit for CVE-2025-57428
CVE-2025-57428 - Telnet debug interface enabled by default all...
CVE-2019-14237
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by observing CPU registers and the effect of code/instruction execution...
CVE-2019-14239
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register...
CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
Nuvoton NPCM7xx Security Vulnerability
Nuvoton NPCM7xx is a server remote management control chip from Nuvoton China. A security vulnerability exists in Nuvoton NPCM7xx Poleg BootBlock versions prior to v10.10.19, which originates from bypassing authentication via a major weakness, and can be exploited to modify the u-boot image heade...
PT-2024-4251
Name of the Vulnerable Software and Affected Versions ESP-IDF versions prior to 4.4.7 ESP-IDF versions prior to 5.2.1 Description A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader, which could allow an attacker with physical access ...
SUSE CVE-2009-1307
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...
PT-2023-14076 · Nvidia · Nvidia Bmc
Name of the Vulnerable Software and Affected Versions: NVIDIA BMC affected versions not specified Description: The issue allows an unauthenticated host to write to a host SPI flash, bypassing secureboot protections. This may lead to a loss of integrity and denial of service. Recommendations: At t...
CVE-2021-3599
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-3599
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-3453
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage...
CVE-2019-14239
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register...
Improper access control
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register...
CVE-2019-14239
CVE-2019-14239 affects NXP Kinetis KV1x, KV3x, and K8x devices where Flash Access Controls (FAC) can be defeated by a load instruction inside an execute-only region, exposing protected code into a CPU register. The core issue is a software IP protection bypass in FAC, enabling information exposur...