Lucene search
K

855 matches found

OpenVAS
OpenVAS
added 2025/10/01 12:0 a.m.4 views

Debian: Security Advisory (DLA-4320-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.01095EPSS
Exploits0References2
Debian
Debian
added 2025/09/30 11:45 p.m.5 views

[SECURITY] [DLA 4320-1] u-boot security update

Debian LTS Advisory DLA-4320-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert October 01, 2025 https://wiki.debian.org/LTS Package : u-boot Version : 2021.01+dfsg-5+deb11u2 CVE ID : CVE-2021-27097 CVE-2021-27138 Debian Bug : 983269 983270 Multiple vulnerabilties...

7.8CVSS7.1AI score0.01095EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:46 a.m.6 views

Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses.

...

8.1CVSS7AI score0.00598EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:40 a.m.3 views

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.

...

9.8CVSS7AI score0.02488EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:33 a.m.5 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.

...

9.8CVSS7AI score0.0235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:27 a.m.5 views

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.

...

7.8CVSS7AI score0.00554EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:15 a.m.3 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.

...

9.8CVSS7AI score0.02666EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:59 a.m.5 views

A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting.

...

2.4CVSS7AI score0.0031EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:41 a.m.4 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.

...

9.8CVSS7AI score0.0235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:35 a.m.4 views

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.

...

9.8CVSS7AI score0.02488EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:30 a.m.4 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.

...

9.8CVSS7AI score0.0235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:25 a.m.4 views

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.

...

7.8CVSS7AI score0.00233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 3:52 a.m.3 views

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.

...

7.1CVSS7AI score0.00359EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 2:58 a.m.6 views

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.

...

9.8CVSS7AI score0.02023EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/09/04 2:52 a.m.5 views

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply.

...

9.8CVSS7AI score0.02488EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 2:25 a.m.6 views

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply.

...

9.8CVSS7AI score0.02488EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 2:20 a.m.4 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.

...

9.8CVSS7AI score0.0235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:42 p.m.5 views

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.

...

9.8CVSS7AI score0.02488EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:38 p.m.5 views

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.

...

7.1CVSS7AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:33 p.m.3 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.

...

9.8CVSS7AI score0.02403EPSS
Exploits0
Rows per page
Query Builder