Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
denx u-boot vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2019-14197
An issue exists in Das U-Boot up to and including 2019.07. There is a read of out-of-bounds data at nfs_read_reply.
Denx U-boot
9.8
CVSSv3
CVE-2019-14198
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
Denx U-boot
9.8
CVSSv3
CVE-2019-14199
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.
Denx U-boot
9.8
CVSSv3
CVE-2019-14200
An issue exists in Das U-Boot up to and including 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.
Denx U-boot
9.8
CVSSv3
CVE-2019-14201
An issue exists in Das U-Boot up to and including 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.
Denx U-boot
9.8
CVSSv3
CVE-2019-14202
An issue exists in Das U-Boot up to and including 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply.
Denx U-boot
9.8
CVSSv3
CVE-2019-14203
An issue exists in Das U-Boot up to and including 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.
Denx U-boot
9.8
CVSSv3
CVE-2019-14204
An issue exists in Das U-Boot up to and including 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply.
Denx U-boot
5.5
CVSSv3
CVE-2018-1000205
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.
Denx U-boot
4.6
CVSSv3
CVE-2017-3225
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow ...
Denx U-boot
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »