Lucene search
K

129 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-29009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs- common.c when CONFIGCMDNFS is enabled, allowing a malicious or...

8.8CVSS6.2AI score0.00438EPSS
Exploits0References3
CVE
CVE
added 2026/07/08 4:16 p.m.12 views

CVE-2026-29009

CVE-2026-29009 affects U-Boot 2026.04-rc3 with CONFIG_CMD_NFS enabled. The flaw is a buffer overflow in nfs_readlink_reply() (net/nfs-common.c) where the 2048-byte nfs_path_buff can be overflowed by multiple relative symlink targets returned via NFS READLINK. Attackers can send two or more READLI...

8.8CVSS6.3AI score0.00438EPSS
Exploits0References4
OSV
OSV
added 2026/07/08 4:11 p.m.3 views

CVE-2026-29007 U-Boot 2026.04-rc3 Out-of-Bounds Read in tcp_rx_state_machine via tcp.c

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...

6.9CVSS6.1AI score0.00472EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RuggedCom Rox Heap-based Buffer Overflow (CVE-2022-2347)

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.2AI score0.00586EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.13 views

CVE-2026-9531

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.4AI score0.01803EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 4:45 a.m.14 views

EUVD-2026-31789

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS5.6AI score0.01803EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.25 views

PT-2026-43188

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.4AI score0.01803EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsreadlinkreply...

9.8CVSS7.6AI score0.02488EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer during the udppackethandler call...

9.8CVSS7.1AI score0.0235EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/16 9:26 p.m.11 views

CVE-2026-46728

Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...

8.2CVSS5.8AI score0.00126EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/16 9:26 p.m.8 views

CVE-2026-46728

Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...

8.2CVSS5.8AI score0.00126EPSS
Exploits1References3
OSV
OSV
added 2026/04/17 1:3 p.m.9 views

OESA-2026-1971 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 200...

8.1CVSS5.7AI score0.00598EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/13 6:30 a.m.5 views

EUVD-2026-21851

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS5.5AI score0.01409EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/11 9:31 p.m.7 views

EUVD-2025-202882

In U-Boot of appenduint32le, there is a possible fault injection due to a logic error in the code. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.1CVSS6.8AI score0.00131EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.25 views

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-4720

Malware in sbrugna...

6.2CVSS6.4AI score0.00725EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-4719

Malware in sbrugna...

6.2CVSS6.4AI score0.00683EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: uboot-tools (UTSA-2025-669607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-669607 advisory. An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inod...

7.1CVSS7.8AI score0.00365EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: uboot-tools (UTSA-2025-664209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-664209 advisory. Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdifft is...

7.8CVSS7.7AI score0.00233EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:21 p.m.4 views

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution.

...

7.8CVSS7AI score0.00516EPSS
Exploits1
Rows per page
Query Builder