Lucene search
K

11 matches found

OSV
OSV
added 2026/03/20 11:16 p.m.5 views

DEBIAN-CVE-2026-33243

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a FIT signature verification vulnerability to trick the bootloader into booting different images than those that were verified as part of a...

8.2CVSS5.7AI score0.00108EPSS
Exploits0References1
Arista
Arista
added 2025/10/22 12:0 a.m.35 views

Security Advisory 0124

Security Advisory 0124 PDF Date: October 22, 2025 Revision | Date | Changes ---|---|--- 1.0 | October 22, 2025 | Initial release The following issues were discovered in Arista DANZ Monitoring Fabric DMF. These issues affect DMF, Converged Cloud Fabric CCF, CloudVision Appliance CVA, and Multi-Clo...

7.8CVSS5.8AI score0.00221EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/09/10 4:6 p.m.3 views

CVE-2025-20248 Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...

6CVSS5.9AI score0.00096EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/10 4:6 p.m.18 views

CVE-2025-20248 Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...

6CVSS0.00096EPSS
Exploits0References1
Cisco
Cisco
added 2025/09/10 4:0 p.m.10 views

Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...

6CVSS6.5AI score0.00096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:31 p.m.4 views

CVE-2021-30317

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...

9.3CVSS7.2AI score0.01389EPSS
Exploits0References1
OSV
OSV
added 2025/03/12 4:15 p.m.4 views

CVE-2025-20177

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

6.7CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2022/02/11 11:15 a.m.23 views

Input validation

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...

7.2CVSS7.6AI score0.01389EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/03/24 8:15 p.m.9 views

CVE-2021-1375 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

6.7CVSS7.2AI score0.00232EPSS
Exploits0References1
OSV
OSV
added 2021/03/24 8:15 p.m.3 views

CVE-2021-1453

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...

6.8CVSS6.9AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2020/05/20 7:15 p.m.4 views

CVE-2020-13241

Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/loadmodule:usersedit-user=1 does not verify that the file extension used with the Add Image option on the Edit User screen corresponds to an image file...

7.8CVSS5.8AI score0.00455EPSS
Exploits1References1
Rows per page
Query Builder