Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
denx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-33967
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition ...
Denx U-boot 2021.04
Denx U-boot 2022.07
Denx U-boot 2022.01
Denx U-boot 2020.10
Denx U-boot 2021.01
Denx U-boot 2022.04
320
VMScore
CVE-2019-13103
A crafted self-referential DOS partition table will cause all Das U-Boot versions up to and including 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
Denx U-boot 2019.07
Denx U-boot 2019.04
Denx U-boot
392
VMScore
CVE-2018-3968
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an malicious user to bypass U-Boot's verified boot and execute an unsigned...
Denx U-boot 2013.07
Denx U-boot
Denx U-boot 2014.07
409
VMScore
CVE-2022-33103
Das U-Boot from v2020.10 to v2022.07-rc3 exists to contain an out-of-bounds write via the function sqfs_readdir().
Denx U-boot 2022.07
Denx U-boot
668
VMScore
CVE-2022-34835
In Das U-Boot up to and including 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.
Denx U-boot 2022.07
Denx U-boot
668
VMScore
CVE-2019-11059
Das U-Boot 2016.11-rc1 up to and including 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.
Denx U-boot 2016.11
Denx U-boot
891
VMScore
CVE-2018-18439
DENX U-Boot up to and including 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
Denx U-boot 2018.09
Denx U-boot
605
VMScore
CVE-2021-27138
The boot loader in Das U-Boot prior to 2021.04-rc2 mishandles use of unit addresses in a FIT.
Denx U-boot 2021.04
Denx U-boot
642
VMScore
CVE-2018-18440
DENX U-Boot up to and including 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled.
Denx U-boot 2018.09
Denx U-boot
605
VMScore
CVE-2021-27097
The boot loader in Das U-Boot prior to 2021.04-rc2 mishandles a modified FIT.
Denx U-boot 2021.04
Denx U-boot
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »