81 matches found
CVE-2022-31291
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...
EUVD-2020-21767
Malware in sbrugna...
EUVD-2023-30081
Malicious code in bioql PyPI...
EUVD-2022-52849
Malicious code in bioql PyPI...
EUVD-2022-42281
Malicious code in bioql PyPI...
EUVD-2022-42282
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-31291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. CVE-2022-31291 Note that Nessus relies ...
CVE-2022-39836
An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte...
CVE-2020-36244
The daemon in GENIVI diagnostic log and trace DLT, is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon versions prior to 2.18.6...
CVE-2020-29394
A buffer overflow in the dltfilterload function in dltcommon.c from dlt-daemon through 2.18.5 GENIVI Diagnostic Log and Trace allows arbitrary code execution because fscanf is misused no limit on the number of characters to be read in the format argument...
Linux Distros Unpatched Vulnerability : CVE-2022-39836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes...
Debian: Security Advisory (DLA-3845-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3845-1] dlt-daemon security update
Debian LTS Advisory DLA-3845-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 27, 2024 https://wiki.debian.org/LTS Package : dlt-daemon Version : 2.18.0-1+deb10u2 CVE ID : CVE-2022-39836 CVE-2022-39837 CVE-2023-26257 CVE-2023-36321 Several flaws were...
Debian dla-3845 : dlt-daemon - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3845 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3845-1 [email protected]...
OPENSUSE-SU-2024:13264-1 dlt-daemon-2.18.10-1.1 on GA media
These are all security issues fixed in the dlt-daemon-2.18.10-1.1 package on the GA media of openSUSE Tumbleweed...
Connected Vehicle Systems Alliance (COVESA) dlt-daemon Security Vulnerability
The dlt-daemon is the DLT communication interface for ECUs in the GlobalGENIVI community. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A security vulnerability exists in Connected Vehicle Systems Alliance...
Denial Of Service (DoS)
dlt-daemon is vulnerable to Denial Of Service DoS. The vulnerability exists because the configuration file fails to generate dlt logs in the system when that file contains special characters, allowing an attacker to cause an application crash...
SUSE CVE-2023-26257
An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...
CVE-2023-26257
An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...
CVE-2023-26257
An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...