520 matches found
ABB T-MAC Plus 安全漏洞
ABB T-MAC Plus is a shipboard equipment status monitoring and predictive maintenance management system developed by the Swiss company ABB. Version 4.0-24 of ABB T-MAC Plus contains a security vulnerability, which stems from bypassing authorization through user control keys...
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
UBUNTU-CVE-2026-42154
Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a sma...
CVE-2026-42154
Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a sma...
CVE-2026-42469
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
EUVD-2026-26697
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...
Open-Vehicle-Monitoring-System-3 安全漏洞
Open-Vehicle-Monitoring-System-3 is an open source vehicle remote monitoring and diagnostic control system from Open Vehicles. A security vulnerability exists in Open-Vehicle-Monitoring-System-3 version 3.3.005, which stems from a failure to properly validate the CANswitch DLC value in...
CVE-2026-42469
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...
CVE-2026-42469
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...
Open-Vehicle-Monitoring-System-3 安全漏洞
Open-Vehicle-Monitoring-System-3 is an open source vehicle remote monitoring and diagnostic control system from Open Vehicles. A security vulnerability exists in Open-Vehicle-Monitoring-System-3 version 3.3.005, which stems from the length field of the GVRET binary data in canformatgvret.cpp not...
EUVD-2026-26694
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
PT-2026-36515
Name of the Vulnerable Software and Affected Versions Open Vehicle Monitoring System 3 OVMS3 version 3.3.005 Description A buffer overflow exists in the canformat gvret.cpp file. The length field in GVRET binary data is not properly validated, which allows remote attackers to cause a denial of...
EUVD-2026-26696
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatpcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted PCAP input...
CVE-2026-42468
CVE-2026-42468 affects Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In the file canformat_pcap.cpp , the parser’s phdr.len field is not properly validated, causing a buffer overflow . This may allow a remote attacker to cause a denial of service or possibly execute arbitrary code by feeding ...
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
PT-2026-36517
Name of the Vulnerable Software and Affected Versions Open Vehicle Monitoring System 3 OVMS3 version 3.3.005 Description A buffer overflow occurs in canformat pcap.cpp because the parser's phdr.len field is not properly validated. This allows remote attackers to cause a denial of service or...
CVE-2026-42469
CVE-2026-42469 describes a buffer overflow in Open Vehicle Monitoring System 3 (OVMS3) version 3.3.005. The flaw resides in canformat_canswitch.cpp where the parser does not properly validate the CANswitch DLC value, enabling remote attackers to cause a denial of service or potentially execute ar...
CVE-2026-40179
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...