Vulnerabilities > Denx > U Boot > 2017.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-31 | CVE-2019-14193 | Out-of-bounds Write vulnerability in Denx U-Boot An issue was discovered in Das U-Boot through 2019.07. | 9.8 |
| 2019-07-31 | CVE-2019-14192 | Integer Underflow (Wrap or Wraparound) vulnerability in Denx U-Boot An issue was discovered in Das U-Boot through 2019.07. | 9.8 |
| 2019-07-29 | CVE-2019-13103 | Uncontrolled Recursion vulnerability in Denx U-Boot A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. | 7.1 |
| 2019-05-10 | CVE-2019-11059 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Denx U-Boot Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow. | 9.8 |
| 2019-05-03 | CVE-2019-11690 | Use of Insufficiently Random Values vulnerability in Denx U-Boot gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device. | 5.9 |
| 2018-11-20 | CVE-2018-18440 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Denx U-Boot DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled. | 7.8 |
| 2018-11-20 | CVE-2018-18439 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Denx U-Boot DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. | 9.8 |
| 2018-06-26 | CVE-2018-1000205 | Improper Input Validation vulnerability in Denx U-Boot U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. | 5.5 |