Lucene search
K

740 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.3 views

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.31 views

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 12:0 a.m.8 views

EUVD-2026-26687

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

9.8CVSS5.9AI score0.00416EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.12 views

Open SAE J1939 资源管理错误漏洞

Open SAE J1939 is an industrial vehicle CAN bus communication protocol library from the individual developer Daniel Mårtensson. Open SAE J1939 suffers from a resource management error vulnerability that stems from an issue in SAEJ1939ReadBinaryDataTransferDM16, which could result in a denial of...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36516

Name of the Vulnerable Software and Affected Versions Open-SAE-J1939 versions prior to commit b6caf884df46435e539b1ecbf92b6c29b345bdfe Description A denial of service can be triggered via a crafted CAN frame on the J1939 bus within the SAE J1939 Read Binary Data Transfer DM16 function...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.29 views

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS0.0022EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 12:0 a.m.7 views

EUVD-2026-26690

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS5.9AI score0.0022EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 12:0 a.m.10 views

CVE-2026-37537

CVE-2026-37537 concerns the collin80/Open-SAE-J1939 project. The connected sources describe an integer underflow in the Transport Protocol Data Transfer handling: when the CAN frame sequence number data[0] is 0, the index = data[0] - 1 underflows to 255. A subsequent write to tp_dt->data[255*7...

8.1CVSS5.9AI score0.0022EPSS
Exploits0References3
NVD
NVD
added 2026/04/30 10:16 p.m.6 views

CVE-2025-36180

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

7.5CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/30 9:28 p.m.3 views

CVE-2025-36180 Inadequate Pod Communication Restrictions, affects watsonx.data

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

5.3CVSS5.8AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 9:28 p.m.9 views

CVE-2025-36180

CVE-2025-36180 concerns IBM watsonx.data (Lakehouse) versions 2.2–2.3. The issue is an improper restriction of inter-pod communication, potentially allowing an attacker to transfer data between pods without restrictions. The vulnerability’s impact is described as data integrity risk within pod co...

7.5CVSS5.2AI score0.00186EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/30 9:28 p.m.4 views

CVE-2025-36180

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

5.3CVSS5.2AI score0.00186EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/30 9:28 p.m.6 views

EUVD-2025-209603

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

5.3CVSS5.2AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

IBM Watsonx.data 安全漏洞

IBM Watsonx.data is an open data lake platform developed by IBM. Versions 2.2 to 2.3 of IBM Watsonx.data contain security vulnerabilities. These vulnerabilities stem from insufficient restrictions on communication between Pods, allowing attackers to transfer data between Pods without any...

7.5CVSS5.8AI score0.00186EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/25 1:40 a.m.4 views

SUSE CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 2:30 p.m.17 views

CVE-2026-31537

In the Linux kernel SMB server, CVE-2026-31537 arises from improper handling of smbdirect_socket.send_io.bcredits, which can corrupt the stream of reassembled data transfer messages when triggering an immediate (empty) send. The fix introduces a single batch credit per connection; code obtaining ...

5.5CVSS5.5AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 2:30 p.m.8 views

CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS5.4AI score0.00121EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/23 6:7 p.m.7 views

Security Bulletin: Inadequate Pod Communication Restrictions, affects watsonx.data

Summary A security vulnerability has been identified in IBM watsonx.data due to insufficient restrictions on inter-pod communication. This misconfiguration may allow unauthorized data transfer between pods within the environment. Vulnerability Details CVEID:CVE-2025-36180 DESCRIPTION: IBM Lakehou...

7.5CVSS5.6AI score0.00186EPSS
Exploits0Affected Software1
Fedora
Fedora
added 2026/04/22 7:50 a.m.6 views

[SECURITY] Fedora 43 Update: curl-8.15.0-6.fc43

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

7.5CVSS7.8AI score0.00715EPSS
Exploits4
Rows per page
Query Builder