CLSA-2026-1770028764 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

EUVD-2023-24415

Malicious code in bioql PyPI...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

Cisco IOS XR Software iPXE Boot Signature Bypass (cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

Design/Logic Flaw

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

CVE-2023-20236

Cisco IOS XR’s iPXE boot function is vulnerable to an image-verification bypass. An authenticated, local attacker could manipulate iPXE boot parameters to load an unverified/rogue image on the device due to insufficient image verification. Cisco has released software updates addressing this vulne...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

PT-2022-6954 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR affected versions not specified Description: The issue is related to insufficient image verification in the iPXE boot function of Cisco IOS XR software. This could allow an authenticated, local attacker to install an unverified...