Filtered by vendor Gpsd Project
Subscriptions
Filtered by product Gpsd
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-43628 | 1 Gpsd Project | 1 Gpsd | 2024-11-21 | 5.9 Medium |
An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability. | ||||
CVE-2018-17937 | 3 Debian, Gpsd Project, Microjson Project | 3 Debian Linux, Gpsd, Microjson | 2024-11-21 | 8.8 High |
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs. | ||||
CVE-2013-2038 | 2 Canonical, Gpsd Project | 2 Ubuntu Linux, Gpsd | 2024-11-21 | N/A |
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability. |
Page 1 of 1.