Lucene search

Barebox Security Vulnerabilities

cve

CVE-2021-37848

common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash...

7.5CVSS

7.4AI Score

0.002EPSS

2021-08-02 08:15 PM

cve

CVE-2021-37847

crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest...

7.5CVSS

7.4AI Score

0.002EPSS

2021-08-02 08:15 PM

cve

CVE-2020-13910

Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds...

9.1CVSS

9.1AI Score

0.002EPSS

2020-06-07 08:15 PM

cve

CVE-2019-15937

Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a...

9.8CVSS

9.7AI Score

0.011EPSS

2019-09-05 03:15 PM

cve

CVE-2019-15938

Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a...

9.8CVSS

9.7AI Score

0.011EPSS

2019-09-05 03:15 PM