Lucene search
K

410 matches found

RedhatCVE
RedhatCVE
added 5 days ago8 views

CVE-2026-58459

A flaw was found in gpsd, a service application that monitors one or more GPSes or AIS receivers. The gpsprof utility is vulnerable to a command injection. An attacker who can control the GPS device subtype value can embed malicious commands within the gnuplot plot title. When a user processes a...

9.6CVSS6.4AI score0.01775EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-58459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device...

9.6CVSS6.4AI score0.01775EPSS
Exploits1References4
OSV
OSV
added 6 days ago2 views

DEBIAN-CVE-2026-58459

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

9.6CVSS6.4AI score0.01775EPSS
Exploits1References1
NVD
NVD
added 6 days ago10 views

CVE-2026-58459

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

9.6CVSS0.01775EPSS
Exploits1References5
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-58459

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

9.6CVSS6.4AI score0.01775EPSS
Exploits1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-58459 gpsd gpsprof Command Injection via gnuplot plot title subtype field

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

8.4CVSS0.01775EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 6 days ago3 views

CVE-2026-58459 gpsd gpsprof Command Injection via gnuplot plot title subtype field

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

8.4CVSS6.4AI score0.01775EPSS
Exploits1References5
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42622

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

8.4CVSS6.3AI score0.01775EPSS
Exploits1References5
CVE
CVE
added 6 days ago9 views

CVE-2026-58459

CVE-2026-58459 affects gpsd (through release-3.27.5) with a command injection in the gpsprof workflow. The subtype value of the GPS device (sourced from a DEVICES JSON log entry or NMEA PGRMT sentence) is written into a generated gnuplot program via a set title statement that escapes only double ...

9.6CVSS6.3AI score0.01775EPSS
Exploits1References5Affected Software1
AlpineLinux
AlpineLinux
added 6 days ago5 views

CVE-2026-58459

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

9.6CVSS6.4AI score0.01775EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 7:13 p.m.9 views

JLSEC-2026-355

A flaw was found in gnuplot. The plot3dpoints function may lead to a segmentation fault and cause a system crash...

6.2CVSS6AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 7:13 p.m.6 views

JLSEC-2026-359

A flaw was found in gnuplot. The X11graphics function may lead to a segmentation fault and cause a system crash...

6.2CVSS6AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 7:13 p.m.9 views

JLSEC-2026-357

A flaw was found in gnuplot. The xstrftime function may lead to a segmentation fault, causing a system crash...

6.2CVSS6.1AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 7:13 p.m.8 views

JLSEC-2026-358

A flaw was found in gnuplot. The CANVAStext function may lead to a segmentation fault and cause a system crash...

6.2CVSS6.1AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 7:13 p.m.8 views

JLSEC-2026-356

A flaw was found in gnuplot. The GetAnnotateString function may lead to a segmentation fault and cause a system crash...

6.2CVSS6AI score0.00184EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.9 views

CVE-1999-0409

Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access...

4.6CVSS6.9AI score0.00708EPSS
Exploits0References1
Redos
Redos
added 2025/12/16 12:0 a.m.4 views

ROS-20251216-7306

Vulnerability in gnuplot related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

6.2CVSS6.8AI score0.00196EPSS
Exploits0
Redos
Redos
added 2025/12/16 12:0 a.m.3 views

ROS-20251216-7304

Vulnerability in gnuplot related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.2CVSS6.7AI score0.00184EPSS
Exploits0
Redos
Redos
added 2025/12/16 12:0 a.m.3 views

ROS-20251216-7305

Vulnerability in gnuplot related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.2CVSS6.7AI score0.00184EPSS
Exploits0
Redos
Redos
added 2025/12/16 12:0 a.m.6 views

ROS-20251216-7312

Vulnerability in gnuplot related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.2CVSS6.7AI score0.00184EPSS
Exploits0
Rows per page
Query Builder