Filtered by vendor Gpsd Project Subscriptions
Filtered by product Gpsd Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-43628 1 Gpsd Project 1 Gpsd 2024-11-21 5.9 Medium
An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2018-17937 3 Debian, Gpsd Project, Microjson Project 3 Debian Linux, Gpsd, Microjson 2024-11-21 8.8 High
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.
CVE-2013-2038 2 Canonical, Gpsd Project 2 Ubuntu Linux, Gpsd 2024-11-21 N/A
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability.