CVE-2018-18071

An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as...

Towards Understanding and Characterizing Vulnerabilities in Intelligent Connected Vehicles through Real-World Exploits

Intelligent Connected Vehicles ICVs are a core component of modern transportation systems, and their security is crucial as it directly relates to user safety. Despite prior research, most existing studies focus only on specific sub-components of ICVs due to their inherent complexity. As a result...

EUVD-2023-40289

Malicious code in bioql PyPI...

Exploring Traffic Simulation and Cybersecurity Strategies Using Large Language Models

Intelligent Transportation Systems ITS are increasingly vulnerable to sophisticated cyberattacks due to their complex, interconnected nature. Ensuring the cybersecurity of these systems is paramount to maintaining road safety and minimizing traffic disruptions. This study presents a novel...

CVE-2022-39836

An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte...

Linux Distros Unpatched Vulnerability : CVE-2022-39837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes...

COVESA vsomeip 竞争条件问题漏洞

vsomeip is an open source implementation of a scalable service-oriented IP middleware from the Connected Vehicle Systems Alliance. A Competitive Conditions Issue vulnerability exists in COVESA vsomeip versions prior to 3.4.10 that stems from the inclusion of a competitive condition...

CVE-2023-36321

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

CVE-2023-36321

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

DEBIAN-CVE-2023-36321

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

Buffer overflow

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

UBUNTU-CVE-2023-36321

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

CVE-2023-36321

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

CVE-2023-36321

Connected Vehicle Systems Alliance COVESA up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dltcommon.c...

Connected Vehicle Systems Alliance (COVESA) dlt-daemon Security Vulnerability

The dlt-daemon is the DLT communication interface for ECUs in the GlobalGENIVI community. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A security vulnerability exists in Connected Vehicle Systems Alliance...

CVE-2023-26257

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...

CVE-2023-26257

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...

CVE-2023-26257

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...

Design/Logic Flaw

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...

UBUNTU-CVE-2023-26257

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...