CVE-2026-56787

RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decodessr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with attacker-controlled signal mode fields. Remote attackers can exploit thi...

CVE-2026-56786

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

OSV-2026-209 Use-of-uninitialized-value in ntrip_parse_url

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482281265 Crash type: Use-of-uninitialized-value Crash state: ntripparseurl FuzzClient.c...

EUVD-2022-46031

Malicious code in bioql PyPI...

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

Integer overflow

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-43628

CVE-2023-43628 affects GPSd 3.25.1~dev, with an integer underflow in the NTRIP Stream Parsing path that can cause memory corruption when processing crafted network packets. Talos’ analysis documents the vulnerability as an access/memory corruption issue in GPSd’s NTRIP client, triggered by a malf...

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

GPSd NTRIP Stream Parsing access violation vulnerability

Talos Vulnerability Report TALOS-2023-1860 GPSd NTRIP Stream Parsing access violation vulnerability December 5, 2023 CVE Number CVE-2023-43628 SUMMARY An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead...

CVE-2023-3034 Reflected XSS in BKG Ntrip Professional Caster version <=2.0.44

Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions =2.0.44...

CVE-2023-3034 Reflected XSS in BKG Ntrip Professional Caster version <=2.0.44

Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions =2.0.44...

CVE-2022-42982

BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. The NTRIP sourcetable is typically quite long tens of kBs and can be requested with a packet of only 30 bytes. This presents a vector that can be used for UDP amplification attacks...

Authentication flaw

BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. The NTRIP sourcetable is typically quite long tens of kBs and can be requested with a packet of only 30 bytes. This presents a vector that can be used for UDP amplification attacks...

[RT-SA-2010-002] Geo++&#40;R&#41; GNCASTER: Insecure handling of NMEA-data

Advisory: Geo++R GNCASTER: Insecure handling of NMEA-data During a penetration test, RedTeam Pentesting discovered that the GNCaster software does not handle NMEA-data correctly. An attacker that has valid login credentials can use this to crash the server software or potentially execute code on...

[RT-SA-2010-001] Geo++&#40;R&#41; GNCASTER: Insecure handling of long URLs

Advisory: Geo++R GNCASTER: Insecure handling of long URLs During a penetration test, RedTeam Pentesting discovered that the GNCASTER software does not handle long URLs correctly. An attacker can use this to crash the server software or potentially execute code on the server. Details =======...

[RT-SA-2010-003] Geo++&#40;R&#41; GNCASTER: Faulty implementation of HTTP Digest Authentication

Advisory: Geo++R GNCASTER: Faulty implementation of HTTP Digest Authentication During a penetration test, RedTeam Pentesting discovered that the GNCaster software has multiple bugs in its implementation of HTTP Digest Authentication. Details ======= Product: Geo++R GNCASTER Affected Versions: =...