Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
denx vulnerabilities and exploits
(subscribe to this query)
891
VMScore
CVE-2018-18439
DENX U-Boot up to and including 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
Denx U-boot 2018.09
Denx U-boot
890
VMScore
CVE-2020-8432
In Das U-Boot up to and including 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an malicious user to execute arbitrary code. NOTE: this vulnerablity was introduced when at...
Denx U-boot
Opensuse Leap 15.2
739
VMScore
CVE-2019-13106
Das U-Boot versions 2016.09 up to and including 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
Denx U-boot 2019.07
Denx U-boot
Opensuse Leap 15.0
Opensuse Leap 15.1
668
VMScore
CVE-2022-34835
In Das U-Boot up to and including 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.
Denx U-boot 2022.07
Denx U-boot
668
VMScore
CVE-2022-30767
nfs_lookup_reply in net/nfs.c in Das U-Boot up to and including 2022.04 (and up to and including 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
Denx U-boot
Denx U-boot 2022.07
Fedoraproject Fedora 36
668
VMScore
CVE-2019-14193
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.
Denx U-boot
668
VMScore
CVE-2019-14194
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.
Denx U-boot
668
VMScore
CVE-2019-14195
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.
Denx U-boot
668
VMScore
CVE-2019-14198
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
Denx U-boot
668
VMScore
CVE-2019-14199
An issue exists in Das U-Boot up to and including 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.
Denx U-boot
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »