Lucene search
+L

165 matches found

Talos
Talos
added 2023/12/05 12:0 a.m.42 views

GPSd NTRIP Stream Parsing access violation vulnerability

Talos Vulnerability Report TALOS-2023-1860 GPSd NTRIP Stream Parsing access violation vulnerability December 5, 2023 CVE Number CVE-2023-43628 SUMMARY An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead...

7.5CVSS6.6AI score0.01225EPSS
Exploits1
Rockylinux
Rockylinux
added 2023/08/31 4:55 p.m.19 views

new package: gpsd-minimal

An update is available for gpsd-minimal. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gpsd package provides a service daemon that mediates access to a GPS...

6.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-17937

gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs...

8.8CVSS8.2AI score0.02656EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/21 12:15 a.m.53 views

CVE-2018-17937

gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs...

8.8CVSS7.3AI score0.02656EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2019-0150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.02656EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.7 views

Mageia: Security Advisory (MGASA-2021-0411)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
OpenVAS
OpenVAS
added 2021/10/30 12:0 a.m.23 views

Debian: Security Advisory (DLA-2795-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.02656EPSS
Exploits0References4
Debian
Debian
added 2021/10/29 8:3 a.m.71 views

[SECURITY] [DLA 2795-1] gpsd security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2795-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 29, 2021 https://wiki.debian.org/LTS -...

8.8CVSS9.1AI score0.02656EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/10/29 12:0 a.m.27 views

Debian DLA-2795-1 : gpsd - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2795 advisory. A security vulnerability was discovered in gpsd, the Global Positioning System daemon. A stack-based buffer overflow may allow remote attackers to execute arbitrary code vi...

8.8CVSS8.5AI score0.02656EPSS
Exploits0References6
OSV
OSV
added 2021/10/29 12:0 a.m.17 views

DLA-2795-1 gpsd - security update

Bulletin has no description...

8.8CVSS8.6AI score0.02656EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/22 12:16 p.m.63 views

A bug is about to confuse a lot of computers by turning back time 20 years

For those of you that remember the fuss about the Y2K bug, this story may sound familiar. The Cybersecurity & Infrastructure Security Agency CISA has issued a warning to Critical Infrastructure CI owners and operators, and other users who get the time from GPS, about a GPS Daemon GPSD bug in GPSD...

7.4AI score
Exploits0
CISA
CISA
added 2021/10/21 12:0 a.m.15 views

GPS Daemon (GPSD) Rollover Bug

Critical Infrastructure CI owners and operators, and other users who obtain Coordinated Universal Time UTC from Global Positioning System GPS devices, should be aware of a GPS Daemon GPSD bug in GPSD versions 3.20 released December 31, 2019 through 3.22 released January 8, 2021. On October 24,...

6.5AI score
Exploits0References4
Mageia
Mageia
added 2021/08/25 5:36 p.m.26 views

Updated gpsd packages fix security vulnerability and other bugs

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. This update provides upstream version 3.23 that has this and several other upstream issues fixed. It also fixes issues that prevents it to start properl...

1.3AI score
Exploits0References2
OSV
OSV
added 2021/08/25 5:36 p.m.6 views

MGASA-2021-0411 Updated gpsd packages fix security vulnerability and other bugs

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. This update provides upstream version 3.23 that has this and several other upstream issues fixed. It also fixes issues that prevents it to start properl...

7.4AI score
Exploits0References3
OpenVAS
OpenVAS
added 2021/08/11 12:0 a.m.8 views

Ubuntu: Security Advisory (USN-5035-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Ubuntu
Ubuntu
added 2021/08/10 12:3 p.m.135 views

USN-5035-1: GPSd vulnerability

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31...

5.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.15 views

Ubuntu 20.04 LTS : GPSd vulnerability (USN-5035-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5035-1 advisory. It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. Tenable has...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/30 12:0 a.m.32 views

GLSA-202009-17 : gpsd: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-202009-17 gpsd: Arbitrary code execution A stack-based buffer overflow was discovered in gpsd on port 2947/TCP or crafted JSON inputs. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the...

8.8CVSS8.8AI score0.02656EPSS
Exploits0References2
Mageia
Mageia
added 2019/04/10 10:46 p.m.29 views

Updated gpsd packages fix security vulnerability

A stack-based buffer overflow flaw was found in gpsd versions 2.90 to 3.17. Successful exploitation of this vulnerability could allow remote code execution, data exfiltration, or denial-of service via device crash CVE-2018-17937...

8.8CVSS6.4AI score0.02656EPSS
Exploits0References2
OSV
OSV
added 2019/04/10 10:46 p.m.6 views

MGASA-2019-0150 Updated gpsd packages fix security vulnerability

A stack-based buffer overflow flaw was found in gpsd versions 2.90 to 3.17. Successful exploitation of this vulnerability could allow remote code execution, data exfiltration, or denial-of service via device crash CVE-2018-17937...

8.8CVSS8.8AI score0.02656EPSS
Exploits0References3
Rows per page
Query Builder