Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
system recovery vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-48646
Zoho ManageEngine RecoveryManager Plus prior to 6070 allows admin users to execute arbitrary commands via proxy settings.
Zohocorp Manageengine Recoverymanager Plus
Zohocorp Manageengine Recoverymanager Plus 6.0
7.1
CVSSv3
CVE-2021-27364
An issue exists in the Linux kernel up to and including 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Tekelec Platform Distribution
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
9 Github repositories
7.1
CVSSv3
CVE-2017-5701
Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.
Intel Nuc7i7bnh Firmware Ayaplcel.86a.0041
Intel Nuc7i7bnh Firmware Syskli35.86a.0062
Intel Nuc7i7bnh Firmware Kyskli70.86a.0050
Intel Nuc7i7bnh Firmware Ccsklm5v.86a.0052
Intel Nuc7i7bnh Firmware Dnkbli5v.86a.0026
Intel Nuc7i7bnh Firmware Rybdwi35.86a.0366
Intel Nuc7i7bnh Firmware Bnkbl357.86a.0052
Intel Nuc7i7bnh Firmware Ccsklm30.86a.0052
Intel Nuc7i7bnh Firmware Tybyt20h.86a.0015
Intel Nuc7i7bnh Firmware Dnkbli30.86a.0026
Intel Nuc7i5bnh Firmware Ccsklm5v.86a.0052
Intel Nuc7i5bnh Firmware Ccsklm30.86a.0052
Intel Nuc7i5bnh Firmware Rybdwi35.86a.0366
Intel Nuc7i5bnh Firmware Tybyt20h.86a.0015
Intel Nuc7i5bnh Firmware Ayaplcel.86a.0041
Intel Nuc7i5bnh Firmware Kyskli70.86a.0050
Intel Nuc7i5bnh Firmware Bnkbl357.86a.0052
Intel Nuc7i5bnh Firmware Dnkbli5v.86a.0026
Intel Nuc7i5bnh Firmware Syskli35.86a.0062
Intel Nuc7i5bnh Firmware Dnkbli30.86a.0026
Intel Nuc7i5bnk Firmware Tybyt20h.86a.0015
Intel Nuc7i5bnk Firmware Bnkbl357.86a.0052
6.8
CVSSv3
CVE-2023-28972
An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an malicious user to bypass console access controls. When "set system ports console insecure" is enabled, root login is disallowed for J...
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.2
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
6.8
CVSSv3
CVE-2022-23691
A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an malicious user to bypass system authentication and achieve total switch compromise in ArubaOS-C...
Arubanetworks Aos-cx
6.8
CVSSv3
CVE-2022-26865
Dell Support Assist OS Recovery versions prior to 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the syst...
Dell Supportassist Os Recovery 5.5.1
6.8
CVSSv3
CVE-2019-0035
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on systems booted from an OAM (Operations, Administrati...
Juniper Junos 15.1
Juniper Junos 15.1x49
Juniper Junos 15.1x53
Juniper Junos 16.1
Juniper Junos 17.3
Juniper Junos 17.2
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.2x75
Juniper Junos 16.1x65
Juniper Junos 17.1
Juniper Junos 16.2
6.8
CVSSv3
CVE-2018-6242
Some NVIDIA Tegra mobile processors released before 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to exe...
Nvidia Tegra Bootrom Rcm -
10 Github repositories
6.8
CVSSv3
CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 10
Freebsd Freebsd 10.4
Opensuse Leap 42.3
Opensuse Leap 42.2
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server 7
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.6.8
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.4.8
W1.fi Hostapd 0.2.6
1 Article
6.7
CVSSv3
CVE-2024-23593
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »