Lucene search
K

164 matches found

Cvelist
Cvelist
added 2026/06/25 6:6 p.m.31 views

CVE-2026-56770 libais 0.15 - Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS0.00339EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:6 p.m.6 views

CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS5.9AI score0.00339EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 6:6 p.m.7 views

EUVD-2026-39523

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS5.9AI score0.00339EPSS
Exploits0References2
NVD
NVD
added 2026/03/06 3:16 p.m.32 views

CVE-2026-2752

Navtor NavBox allows information disclosure via the /api/ais-data endpoint. A remote, unauthenticated attacker can send crafted requests to trigger an unhandled exception, causing the server to return verbose .NET stack traces. These error messages expose internal class names, method calls, and...

5.3CVSS0.00261EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/06 3:4 p.m.32 views

CVE-2026-2752

Navtor NavBox allows information disclosure via the /api/ais-data endpoint. A remote, unauthenticated attacker can send crafted requests to trigger an unhandled exception, causing the server to return verbose .NET stack traces. These error messages expose internal class names, method calls, and...

5.3CVSS0.00261EPSS
Exploits0References2
CVE
CVE
added 2026/03/06 3:4 p.m.20 views

CVE-2026-2752

CVE-2026-2752 affects Navtor NavBox via the /api/ais-data endpoint, where a remote unauthenticated attacker can trigger an unhandled exception, causing verbose .NET stack traces to be returned. This information disclosure exposes internal class names, methods, and third‑party library references (...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References2Affected Software1
SUSE Linux
SUSE Linux
added 2026/03/03 12:49 p.m.3 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. CVE-2026-24677: heap-buffer-overflow in...

7.3CVSS5.9AI score0.00628EPSS
Exploits0References44
RedhatCVE
RedhatCVE
added 2025/12/01 2:16 p.m.8 views

CVE-2025-66216

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

9.8CVSS7.4AI score0.00443EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/01 2:16 p.m.6 views

CVE-2025-66217

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS7.4AI score0.00634EPSS
Exploits1References1
NVD
NVD
added 2025/11/29 3:15 a.m.11 views

CVE-2025-66217

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS0.00634EPSS
Exploits1References2
NVD
NVD
added 2025/11/29 3:15 a.m.7 views

CVE-2025-66216

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

9.8CVSS0.00443EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/29 1:57 a.m.12 views

CVE-2025-66216 AIS-catcher has a Buffer Overflow vulnerability in `AIS::Message` leading to DoS/RCE

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

9.3CVSS0.00443EPSS
Exploits1References2
CVE
CVE
added 2025/11/29 1:57 a.m.15 views

CVE-2025-66216

AIS-catcher before v0.64 is affected by a heap buffer overflow in AIS::Message that allows writing ~1 KB into a 128-byte buffer. This has been patched in v0.64. Remediation: upgrade to 0.64+ (or apply vendor advisories). Exploitation details are not provided in the supplied documents.

9.8CVSS7AI score0.00443EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/29 1:57 a.m.3 views

CVE-2025-66216 AIS-catcher has a Buffer Overflow vulnerability in `AIS::Message` leading to DoS/RCE

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

9.3CVSS7AI score0.00443EPSS
Exploits1References2
OSV
OSV
added 2025/11/29 1:57 a.m.8 views

CVE-2025-66216 AIS-catcher has a Buffer Overflow vulnerability in `AIS::Message` leading to DoS/RCE

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

9.3CVSS7.3AI score0.00443EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/29 1:57 a.m.16 views

CVE-2025-66217 AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS0.00634EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/29 1:57 a.m.4 views

CVE-2025-66217 AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS7AI score0.00634EPSS
Exploits1References2
CVE
CVE
added 2025/11/29 1:57 a.m.20 views

CVE-2025-66217

AIS-catcher is a cross-platform AIS receiver. Multiple connected sources describe a vulnerability in the MQTT parsing logic prior to version 0.64: an integer underflow can trigger a massive Heap Buffer Overflow when processing a malformed MQTT packet with a manipulated Topic Length field. This le...

8.8CVSS7AI score0.00634EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/11/29 1:57 a.m.6 views

EUVD-2025-199900

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS6.9AI score0.00634EPSS
Exploits1References2
OSV
OSV
added 2025/11/29 1:57 a.m.7 views

CVE-2025-66217 AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS7.3AI score0.00634EPSS
Exploits1References4
Rows per page
Query Builder