Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
system recovery vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv3
CVE-2024-23594
A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code.
1 Article
6.1
CVSSv3
CVE-2017-6259
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service.
Nvidia Gpu Driver -
5.9
CVSSv3
CVE-2023-38353
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows malicious users to steal highly sensitive information through a man in the middle attack.
Minitool Power Data Recovery
5.9
CVSSv3
CVE-2021-40055
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
Huawei Magic Ui 3.1.1
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.0.0
Huawei Emui 10.1.0
Huawei Emui 10.0.0
Huawei Emui 10.1.1
Huawei Magic Ui 4.0.0
Huawei Emui 11.0.0
Huawei Harmonyos 2.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
5.9
CVSSv3
CVE-2021-20600
Uncontrolled resource consumption in Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V Firmware Versions "16" and prior allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition by sending a large number of packets in...
Mitsubishielectric R12ccpu-v Firmware
5.9
CVSSv3
CVE-2021-3537
A vulnerability found in libxml2 in versions prior to 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the applic...
Xmlsoft Libxml2
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Openjdk 8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
5.9
CVSSv3
CVE-2020-5929
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH ...
F5 Big-ip Local Traffic Manager 11.6.2
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.6.2
F5 Big-ip Advanced Web Application Firewall 13.0.0
F5 Big-ip Advanced Web Application Firewall 12.1.2
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Advanced Web Application Firewall 11.6.2
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.6.2
F5 Big-ip Analytics 12.1.2
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 11.6.2
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 13.0.0
5.9
CVSSv3
CVE-2019-6593
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) a...
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Domain Name System 11.6.1
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 12.1.0
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service 12.1.0
2 Github repositories
5.9
CVSSv3
CVE-2017-8851
An issue exists on OnePlus One and X devices. Due to a lenient updater-script on the OnePlus One and X OTA images, the fact that both products use the same OTA verification keys, and the fact that both products share the same 'ro.build.product' system property, attacker...
Oneplus Oxygenos
5.5
CVSSv3
CVE-2021-40045
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
Huawei Magic Ui 4.0.0
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Harmonyos
Huawei Emui 12.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »