Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-21364

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00986EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-21398

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00893EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-21363

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00755EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.255 views

Sony XAV-AX5500 1.13 - Firmware Update Validation Remote Code Execution (RCE)

Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage: https://www.sony.com/et/electronics/in-car-receivers-players/xav-ax5500 Software Link: https://archive.org/details/xav-ax-5500-v-113 Version: 1.13 Tested o...

6.8CVSS7.4AI score0.01761EPSS
Exploits2
OSV
OSV
added 2024/09/23 3:15 p.m.5 views

CVE-2024-23922

Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The...

6.8CVSS6.2AI score0.01761EPSS
Exploits2References2
NVD
NVD
added 2024/09/23 3:15 p.m.27 views

CVE-2024-23922

Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The...

6.8CVSS0.01761EPSS
Exploits2References2
OSV
OSV
added 2024/09/23 3:15 p.m.2 views

CVE-2024-23972

Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. Th...

6.8CVSS6.2AI score0.00893EPSS
Exploits0References2
NVD
NVD
added 2024/09/23 3:15 p.m.27 views

CVE-2024-23933

Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The...

6.8CVSS0.00755EPSS
Exploits0References2
CVE
CVE
added 2024/09/23 2:23 p.m.61 views

CVE-2024-23922

Sony XAV-AX5500 is affected by CVE-2024-23922 due to insufficient validation of firmware update packages, enabling remote code execution when updates are processed. The flaw resides in the software update handling and can be exploited by physically present attackers without authentication. Public...

6.8CVSS7.1AI score0.01761EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2024/09/23 2:19 p.m.68 views

CVE-2024-23972

Summary: CVE-2024-23972 affects Sony XAV-AX5500. The issue is a buffer overflow in the USB host driver triggered by a crafted USB configuration descriptor, enabling remote code execution in the device process when a USB is connected by a physically present attacker. The vulnerability can be explo...

6.8CVSS7.2AI score0.00893EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/23 2:19 p.m.27 views

CVE-2024-23972 Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability

Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. Th...

6.8CVSS8AI score0.00893EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/23 2:19 p.m.27 views

CVE-2024-23972 Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability

Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. Th...

6.8CVSS0.00893EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/23 2:16 p.m.20 views

CVE-2024-23934 Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target...

8.8CVSS0.00986EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/23 2:12 p.m.29 views

CVE-2024-23933 Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability

Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The...

6.8CVSS0.00755EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/23 2:12 p.m.28 views

CVE-2024-23933 Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability

Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The...

6.8CVSS7.5AI score0.00755EPSS
Exploits0References2
CVE
CVE
added 2024/09/23 2:12 p.m.67 views

CVE-2024-23933

CVE-2024-23933 affects Sony XAV-AX5500 cars units via a CarPlay TLV stack-based buffer overflow. The root cause is insufficient validation of user-supplied data length before copying to a fixed-size stack buffer, enabling remote code execution when a physically present attacker exploits the proto...

6.8CVSS6.8AI score0.00755EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.3 views

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. The SONY XAV-AX5500 suffers from a stack buffer overflow vulnerability that stems from an extended content description object built in a WMV media file that can trigger an...

8.8CVSS7.7AI score0.00986EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.4 views

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. A code execution vulnerability exists in the SONY XAV-AX5500 that stems from a lack of proper validation of software update packages and can be exploited by an attacker to...

6.8CVSS7.9AI score0.01761EPSS
Exploits2References4
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.2 views

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. The SONY XAV-AX5500 suffers from a stack buffer overflow vulnerability that originates in the implementation of the Apple CarPlay protocol and can be exploited by an attacker ...

6.8CVSS7.6AI score0.00755EPSS
Exploits0References4
CNVD
CNVD
added 2024/07/01 12:0 a.m.3 views

SONY XAV-AX5500 Buffer Overflow Vulnerability

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. The SONY XAV-AX5500 suffers from a buffer overflow vulnerability that originates from a constructed USB configuration descriptor that can trigger an overflow of a fixed-length...

6.8CVSS7.4AI score0.00893EPSS
Exploits0References1
Rows per page
Query Builder