Lucene search
K

137 matches found

OSV
OSV
added 2026/06/25 7:16 p.m.4 views

DEBIAN-CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 6:14 p.m.30 views

CVE-2026-56790 CANBoat - Off-by-One Global Buffer Overflow in searchForPgn()

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS0.00215EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 6:6 p.m.30 views

CVE-2026-56770 libais 0.15 - Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS0.00339EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

Danelec Marine Danelec MacGregor Voyage Data Recorder 安全漏洞

The Danelec Marine Danelec MacGregor Voyage Data Recorder is a series of ship navigation data recording systems developed by Danelec Marine. There is a security vulnerability associated with the Danelec Marine Danelec MacGregor Voyage Data Recorder. This vulnerability stems from the ability for...

5.9CVSS5.8AI score0.00169EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.9 views

CVE-2025-27851

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

9.3CVSS5.6AI score0.00145EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 9:32 p.m.14 views

EUVD-2025-209829

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

5.6AI score0.00145EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/13 12:0 a.m.9 views

CVE-2025-27851

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

5.6AI score0.00145EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 12:0 a.m.14 views

CVE-2026-29974

The CVE-2026-29974 entry affects kosma minmea version 0.3.0, specifically the minmea_scan function. The vulnerability arises because the format specifier copies NMEA field data into a caller-provided buffer without a size parameter, enabling a stack buffer overflow when processing untrusted input...

7.5CVSS6.1AI score0.00307EPSS
Exploits0References2
Schneier on Security
Schneier on Security
added 2026/03/13 9:5 p.m.5 views

Friday Squid Blogging: Increased Squid Population in the Falklands

Some good news: squid stocks seem to be recovering in the waters off the Falkland Islands. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/16 5:26 p.m.18 views

CVE-2025-62193

Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of...

9.8CVSS8.6AI score0.01199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.4 views

PT-2026-3061

Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, unauthenticated attackers can execute arbitrary OS commands...

9.8CVSS8.6AI score0.01199EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/11 8:46 p.m.0 views

EUVD-2025-103847

Malicious code in marinejunglefowlz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 3:19 p.m.0 views

EUVD-2025-90139

Malicious code in marineorcaz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:38 a.m.0 views

EUVD-2025-77573

Malicious code in marinebasilisktan-86 npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:31 a.m.0 views

EUVD-2025-78835

Malicious code in marinenightingalez3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:16 a.m.1 views

EUVD-2025-69077

Malicious code in marineparrotz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:1 a.m.1 views

EUVD-2025-71483

Malicious code in marinejackalz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.1 views

EUVD-2025-63166

Malicious code in marinecanidz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.2 views

EUVD-2025-63162

Malicious code in marinewildcatz3n npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/11 5:18 a.m.0 views

MAL-2025-95388 Malicious code in marine_canid_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42b3b87c195edb775ea247f39dab5a8da1cb7a5739fa604fc84eb55e953d9cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder