Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

CVE-2025-52648

HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of image signing may allow the use of unverified or tampered images, potentially leading to security risks such as integrity compromise or unintended behavior in the system...

CVE-2025-40604

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...

PT-2025-47567

Name of the Vulnerable Software and Affected Versions SonicWall Email Security Appliance affected versions not specified Description The SonicWall Email Security appliance downloads root filesystem images without verifying signatures. This allows attackers with VMDK or datastore access to modify...

EUVD-2023-42302

Malicious code in bioql PyPI...

Kyverno 授权问题漏洞

Kyverno is a policy engine for Kubernetes open-sourced by Kyverno. A security vulnerability exists in Kyverno versions 1.8.3 and 1.8.4, which stems from a vulnerability that allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a...

Supply Chain Attack

Policy-controller is vulnerable to supply chain attack. Due to a flaw in the function ValidatePolicyAttestationsForAuthority, images will be reported as false positives resulting in admission in specific conditions. An attacker can use this vulnerability to run unsigned images...

CVE-2022-34762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...

CVE-2021-1375

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

CVE-2021-1376

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

CVE-2021-1453

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...

Cisco Catalyst 3850 Series Switches and 9300 Series Switches IOS XE Data Forgery Issue Vulnerability

Cisco Catalyst 3850 Series Switches and Cisco Catalyst 9300 Series Switches are both products of Cisco Systems. the Cisco Catalyst 3850 Series Switches is a 3850 Series Switch. Cisco Catalyst 9300 Series Switches is a 9300 series switch.IOS XE is an operating system developed for its network...

Cisco NX-OS and Cisco IOS XE Data Forgery Issue Vulnerabilities

Cisco NX-OS Software and IOS XE are both products of Cisco Corporation.Cisco NX-OS Software is a set of data center-grade operating system software used by switches.IOS XE is a set of operating systems developed for use with its network devices. Cisco NX-OS and Cisco IOS XE in the data forgery...

PT-2019-2214 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to incorrect verification of cryptographic signatures in the Image Signature Verification feature of Cisco NX-OS Software. This could allow an authenticate...

CVE-2018-15370

A vulnerability in Cisco IOS ROM Monitor ROMMON Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to the presence of a...