1014 matches found
CVE-2026-27425
Unauthenticated Cross Site Scripting XSS in Automotive Listings = 18.6 versions...
CVE-2026-27426
Unauthenticated Cross Site Scripting XSS in Automotive Car Dealership Business = 13.3.3 versions...
CVE-2026-27426
CVE-2026-27426 affects the WordPress Automotive Car Dealership Business theme
CVE-2026-27426 WordPress Automotive Car Dealership Business theme <= 13.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automotive Car Dealership Business = 13.3.3 versions...
CVE-2026-27425
CVE-2026-27425 details (normal mode): Unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability affecting WordPress Automotive Listings plugin, versions up to and including 18.6. The issue is due to a reflected XSS flaw in the plugin’s input handling, allowing an attacker to craft a mal...
CVE-2026-27425 WordPress Automotive Listings plugin <= 18.6 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automotive Listings = 18.6 versions...
WordPress Automotive Listings plugin <= 18.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Automotive Listings versions = 18.6...
CVE-2026-54413
driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle0x27SecurityAccess function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a single-byt...
vehicle-subsystem-security-assessment
🚗 End-to-end security assessment of vehicle subsystems ! Me...
CVE-2026-42485
AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...
Android Security Bulletin—June 2026Stay organized with collectionsSave and categorize content based on your preferences.
The Android Automotive OS AAOS Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2026-06-05 or later from the June 2026 Android Security Bulletin in addition to all issues in this...
CVE-2025-14042 Automotive Car Dealership Business WordPress Theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Portfolio Project Details
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...
CVE-2025-14042
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...
WordPress Theme Automotive Car Dealership Business 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Automotive Car Dealership Business WordPress Theme theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4.1...
CVE-2026-24082 Use After Free in Automotive GPU
Memory Corruption when copying data from a freed source while executing performance counter deselect operation...
CVE-2026-24082 Use After Free in Automotive GPU
Memory Corruption when copying data from a freed source while executing performance counter deselect operation...
CVE-2026-24082
CVE-2026-24082 concerns a memory corruption (use-after-free) issue in an Automotive GPU, triggered when copying data from a freed source during a performance counter deselect operation. The connected records specify a memory corruption vulnerability with CVSSv3.1 base score 7.8 (HIGH), attack vec...
CVE-2025-47404 Buffer Copy Without Checking Size of Input in Automotive Audio
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified...
CVE-2025-47404 Buffer Copy Without Checking Size of Input in Automotive Audio
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified...