Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.1 views

Astra Linux - уязвимость в u-boot

A carefully crafted self-referential DOS partition table will cause all Das U-Boot versions up to 2019.07-rc4 to infinitely recur, causing the stack to grow indefinitely. This could lead to a system crash or the overwriting of other data...

7.1CVSS6.7AI score0.00052EPSS
Exploits0References2
OSV
OSVadded 2026/05/16 10:16 p.m.3 views

UBUNTU-CVE-2026-46728

Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...

8.2CVSS5.8AI score0.00004EPSS
Exploits0References4
CVE
CVEadded 2026/05/16 9:26 p.m.8 views

CVE-2026-46728

The CVE-2026-46728 entry concerns U-Boot (before 2026.04) where FIT (Flat Image Tree) signature verification can bypass trust because hashed-nodes are omitted from a hash. Affected software: U-Boot (pre-2026.04). Vulnerable component: FIT signature verification process. Root cause: omission of ha...

8.2CVSS5.8AI score0.00004EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/16 9:26 p.m.22 views

CVE-2026-46728

Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...

8.2CVSS0.00004EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/16 12:0 a.m.6 views

PT-2026-41468

Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2026.04 Description Das U-Boot allows a Flat Image Tree FIT signature verification bypass. This occurs because hashed-nodes are omitted from a hash, which can lead to the acceptance of unsigned or modified images...

8.2CVSS5.8AI score0.00004EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2025/12/16 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-24857

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322,...

7.6CVSS7.6AI score0.00035EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/12/11 12:3 a.m.1 views

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS7.5AI score0.00035EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/10 9:31 p.m.1 views

EUVD-2025-202621

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS7.1AI score0.00035EPSS
Exploits0References2
OSV
OSVadded 2025/12/10 9:16 p.m.3 views

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS6.1AI score
Exploits0References1
NVD
NVDadded 2025/12/10 9:16 p.m.2 views

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS0.00035EPSS
Exploits0References1
OSV
OSVadded 2025/12/10 9:16 p.m.1 views

UBUNTU-CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS6.1AI score0.00035EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2025/12/10 9:16 p.m.1 views

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS7.5AI score0.00035EPSS
Exploits0References2
CVE
CVEadded 2025/12/10 12:0 a.m.12 views

CVE-2025-24857

The vulnerability CVE-2025-24857 affects Universal Boot Loader (U-Boot) versions prior to 2017.11 and certain Qualcomm boot ROM/SoC families (IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, IPQ9574). The root cause is improper access control for volatile memory containing boot code, which c...

7.6CVSS7.2AI score0.00035EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVEadded 2025/12/10 12:0 a.m.2 views

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

7.6CVSS8.2AI score0.00035EPSS
Exploits0
CISA
CISAadded 2025/12/09 12:0 p.m.4 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-343-01 Universal Boot Loader U-Boot ICSA-25-343-02 Festo LX Appliance ICSA-25-343-03 Multiple India-Base...

6.6AI score
Exploits0References3
AstraLinux
AstraLinuxadded 2025/10/31 4:38 p.m.4 views

Astra Linux - уязвимость в u-boot

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552...

7.8CVSS7.7AI score0.0029EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/10/07 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: uboot-tools (UTSA-2025-680593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680593 advisory. There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not...

7.7CVSS7.2AI score0.00035EPSS
Exploits1References4
Microsoft CVE
Microsoft CVEadded 2025/09/04 4:14 a.m.2 views

sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation.

...

7.1CVSS7AI score0.00067EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2025/09/03 9:49 p.m.1 views

Das U-Boot 2022.01 has a Buffer Overflow.

...

5.5CVSS7AI score0.00069EPSS
Exploits0
CNNVD
CNNVDadded 2025/08/05 12:0 a.m.1 views

DENX Software Engineering Das U-Boot 安全漏洞

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in DENX Software Engineering Das U-Boot version v1.1.3, which stems from a lack of signature verification in the bootloader and could lead to the execution of...

6.5CVSS6.7AI score0.00553EPSS
Exploits1References2
Rows per page
Query Builder