613 matches found

ATTACKERKB
added 2026/02/15 10:47 a.m. | 7 views

CVE-2025-32061

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 6.9 | EPSS 0.00379
Exploits 0 | References 4 | Affected Software 1
Vulnrichment
added 2026/02/15 10:47 a.m. | 7 views

CVE-2025-32061 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 6.9 | EPSS 0.00379
Exploits 0 | References 3
ATTACKERKB
added 2026/02/15 10:46 a.m. | 5 views

CVE-2025-32060

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | AI score 5.8 | EPSS 0.00112
Exploits 0 | References 4 | Affected Software 1
EUVD
added 2026/02/15 10:46 a.m. | 7 views

EUVD-2025-206906

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | AI score 5.9 | EPSS 0.00112
Exploits 0 | References 3
Vulnrichment
added 2026/02/15 10:46 a.m. | 7 views

CVE-2025-32060 Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | AI score 5.8 | EPSS 0.00112
Exploits 0 | References 3
Cvelist
added 2026/02/15 10:46 a.m. | 30 views

CVE-2025-32060 Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVSS 6.7 | EPSS 0.00112
Exploits 0 | References 3
EUVD
added 2026/02/15 10:45 a.m. | 8 views

EUVD-2025-206904

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 7 | EPSS 0.00379
Exploits 0 | References 3
ATTACKERKB
added 2026/02/15 10:45 a.m. | 6 views

CVE-2025-32059

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | AI score 6.9 | EPSS 0.00379
Exploits 0 | References 4 | Affected Software 1
CVE
added 2026/02/15 10:45 a.m. | 232 views

CVE-2025-32059

The CVE-2025-32059 entry concerns the Bluetooth stack in the Bosch Infotainment ECU, implemented by Alps Alpine. The root cause is improper boundary validation of user-supplied data, triggering a stack-based buffer overflow when handling a specific packet on the L2CAP channel. The issue enables r...

CVSS 8.8 | AI score 6.9 | EPSS 0.00379
Exploits 0 | References 3
Cvelist
added 2026/02/15 10:45 a.m. | 27 views

CVE-2025-32059 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVSS 8.8 | EPSS 0.00379
Exploits 0 | References 3
CVE
added 2026/02/15 10:44 a.m. | 81 views

CVE-2025-32058

Summary: CVE-2025-32058 affects Bosch Infotainment ECU using a RH850 module for CAN communication. A vulnerability in processing requests for a custom protocol over the INC interface (on the RH850 side) can let an attacker who already has code execution on the infotainment main SoC execute code o...

CVSS 9.3 | AI score 6.3 | EPSS 0.00159
Exploits 0 | References 3
EUVD
added 2026/02/15 10:44 a.m. | 9 views

EUVD-2025-206907

The Infotainment ECU manufactured by Bosch uses a RH850 module for CAN communication. RH850 is connected to infotainment over the INC interface through a custom protocol. There is a vulnerability during processing requests of this protocol on the V850 side which allows an attacker with code...

CVSS 9.3 | AI score 6.4 | EPSS 0.00159
Exploits 0 | References 3
ATTACKERKB
added 2026/02/15 10:44 a.m. | 8 views

CVE-2025-32058

The Infotainment ECU manufactured by Bosch uses a RH850 module for CAN communication. RH850 is connected to infotainment over the INC interface through a custom protocol. There is a vulnerability during processing requests of this protocol on the V850 side which allows an attacker with code...

CVSS 9.3 | AI score 6.3 | EPSS 0.00159
Exploits 0 | References 4 | Affected Software 1
OSV
added 2026/02/11 12:40 a.m. | 5 views

CLEANSTART-2026-IM73098 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.6 | EPSS 0.00451
Exploits 2 | References 5
OSV
added 2026/02/11 12:40 a.m. | 2 views

CLEANSTART-2026-XB34574 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.5 | EPSS 0.00451
Exploits 2 | References 5
Tenable Nessus
added 2026/02/03 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-22976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset. `qfq_class->leaf_qdisc->q.qlen > 0` does not imply that the class itself is active. T...

CVSS 5.5 | AI score 6 | EPSS 0.00118
Exploits 0 | References 3
OSV
added 2026/01/30 4:50 p.m. | 2 views

CLEANSTART-2026-HL71566 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the docker-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVSS 9.8 | AI score 8.7 | EPSS 0.18828
Exploits 7 | References 31
OSV
added 2026/01/30 4:37 p.m. | 0 views

CLEANSTART-2026-IY17697 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.6 | EPSS 0.00579
Exploits 3 | References 10
OSV
added 2026/01/30 4:37 p.m. | 4 views

CLEANSTART-2026-FP29743 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.6 | EPSS 0.00579
Exploits 3 | References 10
OSV
added 2026/01/30 4:29 p.m. | 4 views

CLEANSTART-2026-AU31441 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.6 | EPSS 0.00451
Exploits 2 | References 6