Lucene search
K

141 matches found

CVE
CVE
added last week14 views

CVE-2026-54772

CoreWCF (net.tcp/net.pipe/net.uds) prior to versions 1.8.1 and 1.9.1 is affected. An unauthenticated remote attacker can trigger premature EOF handling in the framing handshake, causing one server thread-pool worker to be pinned at 100% CPU per connection and potentially exhausting CPU with multi...

7.5CVSS6AI score0.00476EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.17 views

CVE-2026-46389

UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

10CVSS5.4AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

7.5CVSS5.9AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.17 views

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

7.5CVSS5.9AI score0.00402EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 6:10 p.m.4 views

CVE-2026-46389 UDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator`

UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

10CVSS7.1AI score0.00341EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/05 6:10 p.m.34 views

CVE-2026-46389 UDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator`

UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

10CVSS0.00341EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 6:10 p.m.14 views

EUVD-2026-34879

UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

10CVSS5.4AI score0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 5:16 p.m.5 views

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

8.8CVSS0.00254EPSS
Exploits0References3
NVD
NVD
added 2026/05/01 5:16 p.m.9 views

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

7.5CVSS0.00402EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/01 2:10 a.m.5 views

SUSE CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00193EPSS
Exploits1References3
EUVD
EUVD
added 2026/05/01 12:0 a.m.6 views

EUVD-2026-26698

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

7.5CVSS6AI score0.00314EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36519

Name of the Vulnerable Software and Affected Versions agl-service-can-low-level affected versions not specified Description A stack buffer overflow exists in the uds-c library. The send diagnostic request function in uds.c allocates a 6-byte stack buffer but copies up to 7 bytes via memcpy at an...

7.5CVSS6.3AI score0.00314EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.12 views

PT-2026-36505

Name of the Vulnerable Software and Affected Versions agl-service-can-low-level versions prior to 17.1.12 Description A stack buffer overflow exists in the uds-c library. The send diagnostic request function in uds.c allocates a 6-byte stack buffer but copies up to 7 bytes via memcpy at an offset...

7.5CVSS6.6AI score0.00402EPSS
Exploits0References6
CVE
CVE
added 2026/05/01 12:0 a.m.25 views

CVE-2026-37530

CVE-2026-37530 affects AGL’s agl-service-can-low-level up to version 17.1.12. The uds-c library contains a stack buffer overflow in the send_diagnostic_request function: it allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH=7) ...

7.5CVSS6AI score0.00402EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.3 views

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

6AI score0.00314EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.4 views

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

7.5CVSS6AI score0.00402EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.5 views

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

8.8CVSS6AI score0.00254EPSS
Exploits0References3
NVD
NVD
added 2026/04/30 6:16 a.m.6 views

CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS0.00193EPSS
Exploits1References2
OSV
OSV
added 2026/04/30 6:16 a.m.5 views

UBUNTU-CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/04/30 5:4 a.m.9 views

CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.3AI score0.00193EPSS
Exploits1
Rows per page
Query Builder