Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pengutronix barebox vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-37848
common/password.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because strncmp is used during hash comparison.
Pengutronix Barebox
6.4
CVSSv2
CVE-2020-13910
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check.
Pengutronix Barebox
1 Github repository
7.5
CVSSv2
CVE-2019-15937
Pengutronix barebox up to and including 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.
Pengutronix Barebox
1 Github repository
7.5
CVSSv2
CVE-2019-15938
Pengutronix barebox up to and including 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.
Pengutronix Barebox
1 Github repository
5
CVSSv2
CVE-2021-37847
crypto/digest.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because memcmp is used during digest verification.
Pengutronix Barebox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started