1417 matches found

Cvelist
added 2025/02/18 12:0 a.m. | 12 views

CVE-2024-57256

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

CVSS: 7.1 | EPSS: 0.00061
Exploits: 0 | References: 2
Vulnrichment
added 2025/02/18 12:0 a.m. | 6 views

CVE-2024-57256

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.00061
Exploits: 0 | References: 2
CVE
added 2025/02/18 12:0 a.m. | 71 views

CVE-2024-57256

CVE-2024-57256 pertains to an integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1. The overflow occurs when zalloc adds one to a 32-bit LE value in crafted ext4 filesystems with an inode size of 0xffffffff, causing a zero malloc and a subsequent memory overwrite. Connected re...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00061
Exploits: 0 | References: 4 | Affected Software: 1
CNNVD
added 2025/02/18 12:0 a.m. | 1 views

DENX Software Engineering Das U-Boot Security Vulnerability

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in versions prior to DENX Software Engineering Das U-Boot 2025.01-rc1, which stems from an integer overflow in symbolic link parsing that results in a memory...

CVSS: 7.1 | AI score: 8.1 | EPSS: 0.00077
Exploits: 0 | References: 3
Cvelist
added 2025/02/18 12:0 a.m. | 11 views

CVE-2024-57255

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

CVSS: 7.1 | EPSS: 0.00077
Exploits: 0 | References: 2
AlpineLinux
added 2025/02/18 12:0 a.m. | 6 views

CVE-2024-57255

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

CVSS: 7.1 | AI score: 7 | EPSS: 0.00077
Exploits: 0 | References: 3
Vulnrichment
added 2025/02/18 12:0 a.m. | 6 views

CVE-2024-57255

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00077
Exploits: 0 | References: 2
CNNVD
added 2025/02/18 12:0 a.m. | 2 views

DENX Software Engineering Das U-Boot Security Vulnerability

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in versions prior to DENX Software Engineering Das U-Boot 2025.01-rc1, which stems from an integer overflow in ext4 symbolic link parsing that results in a memor...

CVSS: 7.1 | AI score: 8.1 | EPSS: 0.00061
Exploits: 0 | References: 2
CVE
added 2025/02/18 12:0 a.m. | 64 views

CVE-2024-57255

CVE-2024-57255 concerns Das U-Boot up to 2025.01-rc1, where an integer overflow in sqfs_resolve_symlink is triggered by a crafted squashfs with inode size 0xffffffff, causing a zero malloc and a memory overwrite. The linked sources confirm the affected component and root cause; remediation is a p...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00077
Exploits: 0 | References: 3 | Affected Software: 1
AlpineLinux
added 2025/02/18 12:0 a.m. | 5 views

CVE-2024-57256

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

CVSS: 7.1 | AI score: 7 | EPSS: 0.00061
Exploits: 0 | References: 4
Positive Technologies
added 2025/02/17 12:0 a.m. | 2 views

PT-2025-6742

Name of the Vulnerable Software and Affected Versions: Das U-Boot versions prior to 2025.01-rc1. Description: An integer overflow occurs in the ext4fs read symlink function in Das U-Boot. This happens when a crafted ext4 filesystem with an inode size of 0xffffffff is used, causing a malloc of zero a...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.00089
Exploits: 0 | References: 52
Positive Technologies
added 2025/02/17 12:0 a.m. | 2 views

PT-2025-6748 · Barebox · Barebox

Name of the Vulnerable Software and Affected Versions: barebox versions prior to 2025.01.0. Description: The issue is related to an integer overflow in the ext4fs read symlink function when handling a crafted ext4 filesystem with an inode size of 0xffffffff. This results in a malloc of zero and a...

CVSS: 7.1 | AI score: 7.3 | EPSS: 0.00022
Exploits: 0 | References: 10
Positive Technologies
added 2025/02/17 12:0 a.m. | 1 views

PT-2025-6741

Name of the Vulnerable Software and Affected Versions: DAS U-Boot versions prior to 2025.01-RC1. Description: An integer overflow occurs in the sqfs resolve symlink function in DAS U-Boot through a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and a...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.00089
Exploits: 0 | References: 36
OSV
added 2025/02/11 3:15 p.m. | 2 views

CVE-2024-33659

AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, a...

CVSS: 8.8 | AI score: 6.1 | EPSS: 0.00066
Exploits: 0 | References: 1
AstraLinux
added 2025/02/11 7:35 a.m. | 6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: aspeed – Fixed memory overwriting issues when the screen resolution is 1600x900. When displaying on a screen with a resolution of 1600x900, the system may crash if the system’s memory usage is tight. How to reproduce this...

CVSS: 7.8 | AI score: 6.1 | EPSS: 0.00023
Exploits: 0 | References: 3
RedhatCVE
added 2025/02/04 11:43 p.m. | 5 views

CVE-2024-22419

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The concat built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the buildIR for concat doesn't properly adhere to the API of co...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00539
Exploits: 1 | References: 1
OSV
added 2025/02/01 12:0 a.m. | 7 views

ASB-A-379728401

In TBD of TBD, there is a possible arbitrary kernel memory overwrite due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.00074
Exploits: 0 | References: 1
OSV
added 2025/01/09 3:15 p.m. | 2 views

CVE-2024-10106

A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer...

CVSS: 3.7 | AI score: 6 | EPSS: 0.00294
Exploits: 0 | References: 2
NVD
added 2025/01/09 3:15 p.m. | 5 views

CVE-2024-10106

A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer...

CVSS: 3.7 | EPSS: 0.00294
Exploits: 0 | References: 2
ATTACKERKB
added 2025/01/09 3:15 p.m. | 0 views

CVE-2024-10106

A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer...

CVSS: 3.7 | AI score: 6 | EPSS: 0.00294
Exploits: 0 | References: 3 | Affected Software: 1