Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pengutronix barebox vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-13910
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check.
Pengutronix Barebox
1 Github repository
7.5
CVSSv2
CVE-2019-15938
Pengutronix barebox up to and including 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.
Pengutronix Barebox
1 Github repository
5
CVSSv2
CVE-2021-37847
crypto/digest.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because memcmp is used during digest verification.
Pengutronix Barebox
5
CVSSv2
CVE-2021-37848
common/password.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because strncmp is used during hash comparison.
Pengutronix Barebox
7.5
CVSSv2
CVE-2019-15937
Pengutronix barebox up to and including 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.
Pengutronix Barebox
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started