CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/01 5:16 p.m.•0 views

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

8.8CVSS0.00021EPSS

NVD•added 2026/05/01 5:16 p.m.•2 views

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

7.5CVSS0.00018EPSS

ATTACKERKB•added 2026/05/01 12:0 a.m.•0 views

CVE-2026-42485

7.5CVSS6AI score0.00057EPSS

Vulnrichment•added 2026/05/01 12:0 a.m.•2 views

CVE-2026-37536

ATTACKERKB•added 2026/05/01 12:0 a.m.•0 views

CVE-2026-37536

Positive Technologies•added 2026/05/01 12:0 a.m.•1 views

Exploits0References4

PT-2026-36510

Name of the Vulnerable Software and Affected Versions miaofng/uds-c versions prior to commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a Description A stack buffer overflow exists in the send diagnostic request function. The issue occurs because a 6-byte stack buffer, defined by MAX DIAGNOSTIC PAYLO...

CVE•added 2026/05/01 12:0 a.m.•4 views

Exploits0References5

CVE-2026-37530

CVE-2026-37530 affects AGL’s agl-service-can-low-level up to version 17.1.12. The uds-c library contains a stack buffer overflow in the send_diagnostic_request function: it allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH=7) ...

7.5CVSS6AI score0.00018EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/01 12:0 a.m.•0 views

EUVD-2026-26698

7.5CVSS6AI score0.00057EPSS

CVE•added 2026/05/01 12:0 a.m.•2 views

CVE-2026-37536

The CVE-2026-37536 entry concerns miaofng/uds-c (commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a, 2016-10-05). A stack buffer overflow occurs in send_diagnostic_request: a 6-byte buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) is written via memcpy at offset 1+pid_length with payload_length bytes. The def...

EUVD•added 2026/05/01 12:0 a.m.•0 views

EUVD-2026-26683

7.5CVSS6AI score0.00018EPSS

EUVD•added 2026/05/01 12:0 a.m.•0 views

EUVD-2026-26689

CNNVD•added 2026/05/01 12:0 a.m.•6 views

Unified Diagnostic Services Support Library in C 安全漏洞

Unified Diagnostic Services Support Library in C is an automotive electronic diagnostic protocol support library by a personal developer, Laughing with the Wind. Unified Diagnostic Services Support Library in C has a security vulnerability that originates from a stack buffer overflow in the...

8.8CVSS6.3AI score0.00021EPSS

Exploits0References1

CNNVD•added 2026/05/01 12:0 a.m.•4 views

Automotive Grade Linux agl-service-can-low-level 安全漏洞

Automotive Grade Linux agl-service-can-low-level is an in-vehicle communication service component from Automotive Grade Linux, Inc. A security vulnerability exists in Automotive Grade Linux agl-service-can-low-level, which stems from a stack buffer overflow in the senddiagnosticrequest function i...

7.5CVSS6.3AI score0.00057EPSS

Exploits0References1

Cvelist•added 2026/05/01 12:0 a.m.•23 views

CVE-2026-37536

8.8CVSS0.00021EPSS

ATTACKERKB•added 2026/05/01 12:0 a.m.•1 views

CVE-2026-37530

7.5CVSS6AI score0.00018EPSS

CNNVD•added 2024/07/30 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the inetdiag module where the pad field in the inetdiagreqv2 structure is not initialized before use,...

5.5CVSS6.4AI score0.00015EPSS

Exploits0References9

Positive Technologies•added 2024/01/12 12:0 a.m.•2 views

PT-2024-12182 · Skoda · Skoda Vehicles

Name of the Vulnerable Software and Affected Versions: Skoda vehicles affected versions not specified Description: The issue allows an attacker to send a specific reset UDS request via the OBDII port of Skoda vehicles, potentially causing the vehicle engine to shut down and resulting in the denia...

5.5CVSS7AI score0.00025EPSS

Exploits0References8

CNVD•added 2017/07/13 12:0 a.m.•2 views

SAP Netweaver Dynpro Engine Denial of Service Vulnerability (CNVD-2017-23558))

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform can provide development and runtime environment for SAP applications. disp + work is one of the task dispatcher. A security vulnerability exists in disp+work version 7400.12.21.3030...

7.8CVSS7.7AI score0.04189EPSS

Exploits0References1

OSV•added 2017/07/12 4:29 p.m.•0 views

CVE-2017-9845

disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service resource consumption via a crafted DIAG request, aka SAP Security Note 2405918...

7.5CVSS5.8AI score