Export limit exceeded: 45668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347612 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347612 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5654 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-39911 | 2 Hashgraph, Hedera | 2 Guardian, Guardian | 2026-05-01 | 8.8 High |
| Hashgraph Guardian through version 3.5.1, fixed in commit 45fbe2f, contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directly to the Node.js Function() constructor without isolation. Attackers can import native Node.js modules to read arbitrary files from the container filesystem, access process environment variables containing sensitive credentials such as RSA private keys, JWT signing keys, and API tokens, and forge valid authentication tokens for any user including administrators. | ||||
| CVE-2026-42469 | 2026-05-01 | N/A | ||
| Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames. | ||||
| CVE-2026-42468 | 2026-05-01 | N/A | ||
| Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_pcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted PCAP input. | ||||
| CVE-2026-37541 | 2026-05-01 | 10 Critical | ||
| Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames. | ||||
| CVE-2026-37540 | 2026-05-01 | 8.4 High | ||
| OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems (STM32MP1, Zynq, i.MX), large values can cause the product to wrap around to a small value. | ||||
| CVE-2026-37539 | 2026-05-01 | 9.8 Critical | ||
| Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames. | ||||
| CVE-2026-37538 | 2026-05-01 | N/A | ||
| Buffer overflow vulnerability in socketcand 0.4.2 in file socketcand.c in function main allows attackers to cause a denial of service or other unspecified impacts via crafted bus_name. | ||||
| CVE-2026-37537 | 2026-05-01 | 8.1 High | ||
| collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8_t index = data[0] - 1. When data[0] (sequence number from CAN frame) is 0, index underflows to 255. Subsequent write at tp_dt->data[255*7 + i-1] reaches offset 1791, exceeding the MAX_TP_DT buffer (1785 bytes) by 6 bytes. | ||||
| CVE-2026-5655 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service | ||||
| CVE-2026-37536 | 2026-05-01 | 8.8 High | ||
| miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diagnostic_request. A 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) receives memcpy at offset 1+pid_length with payload_length bytes. MAX_UDS_REQUEST_PAYLOAD_LENGTH=7, so 1+2+7=10 exceeds buffer by 4 bytes. No bounds check on payload_length before memcpy. | ||||
| CVE-2026-37535 | 2026-05-01 | 7.1 High | ||
| openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious CAN frame with an oversized length nibble can cause memory reads beyond the buffer, allowing attackers to cause a denial of service, or gain sensitive information. | ||||
| CVE-2026-42467 | 2026-05-01 | N/A | ||
| An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Binary_Data_Transfer_DM16 causing a denial of service via crafted CAN frame on the J1939 bus. | ||||
| CVE-2026-5657 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-37534 | 2026-05-01 | N/A | ||
| Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame. | ||||
| CVE-2026-7587 | 1 Open5gs | 1 Open5gs | 2026-05-01 | 4.3 Medium |
| A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amf_nsmf_pdusession_handle_update_sm_context of the file /src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-6519 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2018-25307 | 1 Sysgauge | 1 Sysgauge Pro | 2026-05-01 | 8.4 High |
| SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute arbitrary code with application privileges. | ||||
| CVE-2018-25313 | 2 Flexense, Sysgauge | 2 Sysgauge, Sysgauge | 2026-05-01 | 6.2 Medium |
| SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the application. | ||||
| CVE-2026-34965 | 1 Cockpit-hq | 1 Cockpit | 2026-05-01 | 8.8 High |
| Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP code through rule parameters which is written directly to server-side PHP files and executed via include() to achieve arbitrary command execution on the underlying server. | ||||