Lucene search
K

17 matches found

OpenVAS
OpenVAS
added 2025/01/14 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2025-1064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7AI score0.00586EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/01/14 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2025-1047)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7AI score0.00586EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.30 views

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2025-1047)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup...

7.7CVSS7.3AI score0.00586EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2024-2896)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7.7AI score0.00586EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2024-2916)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7.7AI score0.00586EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.20 views

EulerOS 2.0 SP10 : uboot-tools (EulerOS-SA-2024-2916)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists an unchecked length field in UBoot.The U-Boot DFU implementation does not bound the length field in USB DFU download setup packet...

7.7CVSS7.3AI score0.00586EPSS
Exploits1References2
OSV
OSV
added 2024/09/27 11:9 a.m.4 views

OESA-2024-2187 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound t...

7.7CVSS6.6AI score0.00586EPSS
Exploits1References2
OSV
OSV
added 2024/09/27 11:9 a.m.2 views

OESA-2024-2186 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound t...

7.7CVSS6.6AI score0.00586EPSS
Exploits1References2
OSV
OSV
added 2024/09/27 11:9 a.m.5 views

OESA-2024-2189 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound t...

7.7CVSS6.6AI score0.00586EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/11/30 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6523-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00586EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2023/11/29 1:41 p.m.48 views

USN-6523-1: u-boot-nezha vulnerability

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

7.8CVSS7.8AI score0.00586EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/12/07 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-5764-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.02448EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.56 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : U-Boot vulnerabilities (USN-5764-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5764-1 advisory. It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue t...

9.8CVSS8AI score0.02448EPSS
Exploits5References8
Ubuntu
Ubuntu
added 2022/12/06 12:54 p.m.56 views

USN-5764-1: U-Boot vulnerabilities

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

9.8CVSS8AI score0.02448EPSS
Exploits5
Cvelist
Cvelist
added 2022/09/23 12:50 p.m.22 views

CVE-2022-2347 Unchecked Download size in Uboot

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.6AI score0.00586EPSS
Exploits1References1
CVE
CVE
added 2022/09/23 12:50 p.m.116 views

CVE-2022-2347

CVE-2022-2347 affects U-Boot’s USB DFU download path: an unchecked wLength > 4096 can cause a heap overflow by writing beyond the heap-allocated request buffer. Affected component is U-Boot DFU handling; attack requires physical access via USB. Some advisories (Debian, EulerOS, Huawei EulerOS,...

7.7CVSS6.9AI score0.00586EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/23 12:50 p.m.5 views

CVE-2022-2347 Unchecked Download size in Uboot

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.3AI score0.00586EPSS
Exploits1References1
Rows per page
Query Builder