Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/17 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash. CVE-2026-46728 Note that Nessus...

8.8CVSS5.8AI score0.00126EPSS
Exploits1References3
OSV
OSV
added 2026/05/16 10:16 p.m.8 views

DEBIAN-CVE-2026-46728

Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...

8.8CVSS5.8AI score0.00126EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.10 views

DENX Software Engineering Das U-Boot 访问控制错误漏洞

DENX Software Engineering's Das U-Boot is a general-purpose bootloader developed by the German company DENX Software Engineering. Versions of DENX Software Engineering's Das U-Boot prior to version 2026.04 contained an access control vulnerability. This vulnerability stemmed from the omission of...

8.2CVSS5.8AI score0.00126EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-33243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a...

8.2CVSS5.8AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2026/04/11 2:3 p.m.7 views

OESA-2026-1834 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the...

8.2CVSS5.8AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2026/03/20 11:16 p.m.5 views

DEBIAN-CVE-2026-33243

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a FIT signature verification vulnerability to trick the bootloader into booting different images than those that were verified as part of a...

8.2CVSS5.7AI score0.00108EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/03/20 10:51 p.m.6 views

CVE-2026-33243

Removed by vendor...

8.2CVSS5.8AI score0.00108EPSS
Exploits0
CVE
CVE
added 2026/03/20 10:51 p.m.21 views

CVE-2026-33243

Barebox contains a vulnerability in the FIT signing flow: during mkimage, the hashed-nodes property of the FIT signature node is computed, but the hashed-nodes value is not itself protected by the hash. An attacker can modify hashed-nodes to influence which nodes were reported as hashed, potentia...

8.2CVSS5.8AI score0.00108EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/03/20 10:51 p.m.6 views

CVE-2026-33243 barebox: FIT Signature Verification Bypass Vulnerability

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a FIT signature verification vulnerability to trick the bootloader into booting different images than those that were verified as part of a...

8.2CVSS5.8AI score0.00126EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/03/20 10:51 p.m.5 views

CVE-2026-33243

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a FIT signature verification vulnerability to trick the bootloader into booting different images than those that were verified as part of a...

8.2CVSS5.8AI score0.00108EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26702

Name of the Vulnerable Software and Affected Versions barebox versions 2016.03.0 through 2025.09.2 barebox versions 2025.10.0 through 2026.03.0 Description barebox is a bootloader. When creating a FIT Firmware Image Table, the mkimage1 function sets the hashed-nodes property of the FIT signature...

8.2CVSS5.8AI score0.00108EPSS
Exploits0References12
Prion
Prion
added 2019/03/21 5:29 p.m.15 views

Format string

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legac...

4.4CVSS6.7AI score0.00276EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/03/21 4:36 p.m.28 views

CVE-2018-3968

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legac...

8.2CVSS6.7AI score0.00276EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/03/21 4:36 p.m.47 views

CVE-2018-3968

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legac...

8.2CVSS7.3AI score0.00276EPSS
Exploits1
Talos
Talos
added 2019/03/19 12:0 a.m.185 views

Das U-Boot verified boot bypass

Summary An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot’s verified boot and execute an unsigned kernel, embedded in...

8.2CVSS7.1AI score0.00276EPSS
Exploits1
Rows per page
Query Builder