Vulnerabilities > Denx

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2018-3968 Improper Verification of Cryptographic Signature vulnerability in Denx U-Boot
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2.
local
high complexity
denx CWE-347
7.0
2018-11-20 CVE-2018-18440 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Denx U-Boot
DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled.
local
low complexity
denx CWE-119
7.8
2018-11-20 CVE-2018-18439 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Denx U-Boot
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled.
network
low complexity
denx CWE-119
critical
9.8
2018-07-24 CVE-2017-3226 Cryptographic Issues vulnerability in Denx U-Boot
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file.
high complexity
denx CWE-310
6.4
2018-07-24 CVE-2017-3225 Cryptographic Issues vulnerability in Denx U-Boot
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file.
low complexity
denx CWE-310
4.6
2018-06-26 CVE-2018-1000205 Improper Input Validation vulnerability in Denx U-Boot
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot.
local
low complexity
denx CWE-20
5.5