|
1091
|
- |
|
-
|
-
|
Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arb…
|
-
|
CVE-2026-37534
|
2026-05-2 02:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1092
|
7.1 |
HIGH
Adjacent
|
-
|
-
|
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted fro…
|
-
|
CVE-2026-37532
|
2026-05-2 02:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1093
|
9.8 |
CRITICAL
Network
|
-
|
-
|
AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fu…
|
-
|
CVE-2026-37531
|
2026-05-2 02:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1094
|
- |
|
-
|
-
|
AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD…
|
-
|
CVE-2026-37530
|
2026-05-2 02:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1095
|
7.8 |
HIGH
Local
|
-
|
-
|
AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without authenticatio…
|
-
|
CVE-2026-37526
|
2026-05-2 02:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1096
|
7.8 |
HIGH
Local
|
-
|
-
|
AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitl…
|
-
|
CVE-2026-37525
|
2026-05-2 02:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1097
|
6.5 |
MEDIUM
Network
|
prosody
|
prosody
|
An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in the activation scenario, relayin…
|
CWE-420
Unprotected Alternate Channel
|
CVE-2026-43505
|
2026-05-2 02:15 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1098
|
6.5 |
MEDIUM
Network
|
prosody
|
prosody
|
An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in a paused scenario, relaying of u…
|
CWE-863
Incorrect Authorization
|
CVE-2026-43504
|
2026-05-2 02:15 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1099
|
7.5 |
HIGH
Network
|
prosody
|
prosody
|
An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-43506
|
2026-05-2 02:09 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1100
|
7.5 |
HIGH
Network
|
prosody
|
prosody
|
An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by XML parsing resource amplification from unauthen…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-43507
|
2026-05-2 02:09 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
