223 matches found
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37603
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2024-37603
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2024-37603
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2024-37603
CVE-2024-37603 affects Mercedes-Benz NTG6 head units, with a type-confusion vulnerability in the USB-based UserData import/export workflow. Exploitation requires physical access to the vehicle’s USB interface; an attacker can craft data that causes the UserData service to crash, after which the s...
CVE-2023-34406
CVE-2023-34406 affects Mercedes‑Benz NTG 6 head units. The issue is an integer overflow in the UserData import/export function of NTG 6. Exploitation requires local access via USB; with prepared data, a attacker can crash the User-Data service, after which the service restarts automatically. The ...
IBL Software Engineering Visual Weather 安全漏洞
IBL Software Engineering Visual Weather is a visual weather application from IBL Software Engineering. A security vulnerability exists in IBL Software Engineering Visual Weather that stems from a misconfiguration of the PDS component, which allows remote execution of arbitrary Python code...
PT-2025-1392 · Mercedes Benz · Ntg 6
Name of the Vulnerable Software and Affected Versions: Mercedes Benz NTG 6 affected versions not specified Description: An issue exists in the user data import/export function of NTG 6 head units, where a possible integer overflow can occur. To exploit this, an attacker needs local access to the...
HPE Cray Data Virtualization Service(DVS) 安全漏洞
HPE Cray Data Virtualization Service is a distributed network service from HPE. A security vulnerability exists in HPE Cray Data Virtualization Service DVS that stems from vulnerability to unauthorized local or clustered access...
The vulnerability of the Windows operating system’s streaming data transmission service allows attackers to enhance their privileges.
The vulnerability of the Windows operating system’s streaming data transmission service is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2023-44417
D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
PT-2024-12700 · Tcl +1 · Tcl 30Z +2
Name of the Vulnerable Software and Affected Versions: TCL 30Z versions v5.2120.02.12008.1.T through v5.2120.02.12008.2.T TCL 10L version v3.2014.12.1012.B Description: The issue concerns certain software builds for TCL Android devices that contain a vulnerable pre-installed app. This app relies ...
reshare.ukdataservice.ac.uk Cross Site Scripting vulnerability OBB-3918479
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Couchbase Server Security Vulnerability
Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server 7.2.2 and earlier versions, which originates from a user with data...
CVE-2023-41368
The OData service of the S4 HANA Manage checkbook apps - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call...