CVE-2021-27074 Azure Sphere Unsigned Code Execution Vulnerability

...

CVE-2021-27080

CVE-2021-27080 is listed as Azure Sphere Unsigned Code Execution Vulnerability. Connected sources confirm affected product is Azure Sphere and describe a vulnerability that could allow unsigned code execution (with MSRC labeling it as an Azure Sphere Unsigned Code Execution vulnerability). The co...

CVE-2021-27080 Azure Sphere Unsigned Code Execution Vulnerability

...

Cisco IOS XR Software for Cisco 8000 and NCS 540 Routers Image Verification Vulnerabilities (cisco-sa-ioxr-l-zNhcGCBt)

According to its self-reported version, the Cisco IOS XR Software is affected by multiple vulnerabilities that allow an authenticated, local attacker to execute unsigned code during the boot process, as follows: - A vulnerability in the GRUB boot loader of Cisco NCS 540 Series Routers, only when...

Azure Sphere Unsigned Code Execution Vulnerability

...

Azure Sphere Unsigned Code Execution Vulnerability

...

Microsoft Azure Sphere 安全漏洞

Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A security vulnerability exists in Microsoft Azure Sphere Unsigned. The following products and versions are affected: Azure Sphere...

OSV-2021-500 Heap-buffer-overflow in put_epel_8_fallback

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31738 Crash type: Heap-buffer-overflow READ 1 Crash state: putepel8fallback accelerationfunctions::puthevcepel void mcchroma...

grub2 code execution vulnerability

grub2 is a Linux system boot program from the GNU community. A security vulnerability exists in versions of grub2 prior to 2.06 where it incorrectly enables the ACPI command when enabling secure boot. The vulnerability allows an attacker with privileged access to create an auxiliary system...

CVE-2021-3418

A flaw was found in grub. If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. Thi...

CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

DEBIAN-CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

ALPINE-CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

AZL-6460 CVE-2020-14372 affecting package grub2 for versions less than 2.06~rc1-7

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

Design/Logic Flaw

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

PT-2021-2254 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Software versions affected versions not specified Description: A vulnerability in the Image Signature Verification feature could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...