Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pengutronix barebox vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-37848
common/password.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because strncmp is used during hash comparison.
Pengutronix Barebox
7.5
CVSSv2
CVE-2019-15938
Pengutronix barebox up to and including 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.
Pengutronix Barebox
1 Github repository
6.4
CVSSv2
CVE-2020-13910
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check.
Pengutronix Barebox
1 Github repository
5
CVSSv2
CVE-2021-37847
crypto/digest.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because memcmp is used during digest verification.
Pengutronix Barebox
7.5
CVSSv2
CVE-2019-15937
Pengutronix barebox up to and including 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.
Pengutronix Barebox
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started