52 matches found
EUVD-2026-39531
RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64...
CVE-2026-56789
RTKLIB 2.4.3 is affected by a heap buffer overflow and out-of-bounds stack read in readrnxobsb (src/rinex.c). The issue arises when RINEX epoch headers declare more than 64 satellites per epoch, allowing memory corruption and potentially crashing applications such as rnx2rtkp and RTKPOST. Connect...
EUVD-2026-35465
An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this...
CVE-2026-0411
An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...
CVE-2026-0411 A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites
An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...
CVE-2026-0411
CVE-2026-0411 describes a vulnerability in NETGEAR Orbi satellites where a user connected to the network could gain administrator access to the Orbi router. Affected are certain Orbi satellite models; Orbi WiFi Systems without satellite devices are not impacted. The CVSS-like data indicates adjac...
CVE-2026-0411 A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites
An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...
PT-2026-47816
Name of the Vulnerable Software and Affected Versions NETGEAR Orbi satellites RBR/RBE/RBS Series affected versions not specified Description An information disclosure issue in NETGEAR Orbi satellites allows a user connected to the network to obtain administrator access to the Orbi router. Orbi Wi...
Astra Linux – Vulnerability in gpsd
In gpsd, before committing dc966aa, there is a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the...
[SECURITY] Fedora 44 Update: qt6-qtpositioning-6.10.3-1.fc44
The Qt Positioning APIs gives developers the ability to determine a position by using a variety of possible sources, including satellite, or wifi, or text file, and so on...
Advisory ROSA-SA-2026-3228
software: gpsd 3.21 WASP: ROSA-CHROME unaffected versions = gpsd-3.21-5 affected versions gpsd-3.21-5 CVE-ID: CVE-2025-67268 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Vulnerability in gpsd before commit dc966aa: in drivers/drivernmea2000.c, function hnd129540 handling PGN 129540 - GNSS Satellite...
Silent Subversion: Sensor Spoofing Attacks Via Supply Chain Implants in Satellite Systems
Spoofing attacks are among the most destructive cyber threats to terrestrial systems, and they become even more dangerous in space, where satellites cannot be easily serviced, and operators depend on accurate telemetry to ensure mission success. When telemetry is compromised, entire spaceborne...
US Declassifies Information on JUMPSEAT Spy Satellites
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I'm actually impressed to see a declassification only two decades after decommission...
gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds write in NMEA2000 packet handling
A flaw was found in gpsd. The hnd129540 function, responsible for handling NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to properly validate the user-supplied satellite count. A remote attacker can exploit this by sending a specially crafted packet with an excessive satellite count,...
gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds write in NMEA2000 packet handling
A flaw was found in gpsd. The hnd129540 function, responsible for handling NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to properly validate the user-supplied satellite count. A remote attacker can exploit this by sending a specially crafted packet with an excessive satellite count,...
SUSE CVE-2025-67268
gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...
CVE-2025-67268
A flaw was found in gpsd. The hnd129540 function, responsible for handling NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to properly validate the user-supplied satellite count. A remote attacker can exploit this by sending a specially crafted packet with an excessive satellite count,...
CVE-2025-67268
gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...
CVE-2025-67268
gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...
CVE-2025-67268
gpsd contains a heap-based out-of-bounds write in drivers/driver_nmea2000.c (PGN 129540 handling). The hnd_129540 function validates the satellite count against a 184-element skyview array, but an input satellite count up to 255 can overflow the array, causing memory corruption, DoS, and potentia...