|
1271
|
7.1 |
HIGH
Adjacent
|
-
|
-
|
openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is us…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-37535
|
2026-05-8 00:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1272
|
8.8 |
HIGH
Adjacent
|
-
|
-
|
miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diagnostic_request. A 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) receives …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-37536
|
2026-05-8 00:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1273
|
8.1 |
HIGH
Adjacent
|
-
|
-
|
collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-37537
|
2026-05-8 00:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1274
|
7.5 |
HIGH
Network
|
-
|
-
|
Buffer overflow vulnerability in socketcand 0.4.2 in file socketcand.c in function main allows attackers to cause a denial of service or other unspecified impacts via crafted bus_name.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-37538
|
2026-05-8 00:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1275
|
8.4 |
HIGH
Local
|
-
|
-
|
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF h…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-37540
|
2026-05-8 00:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1276
|
7.8 |
HIGH
Local
|
-
|
-
|
An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escal…
|
CWE-20
CWE-269
Improper Input Validation
Improper Privilege Management
|
CVE-2025-52347
|
2026-05-8 00:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1277
|
8.1 |
HIGH
Network
|
-
|
-
|
phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password rest link poisoning. When force_server_vars is disabled, the servers hostname may be extracted from the HTTP Host …
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2026-29199
|
2026-05-8 00:53 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1278
|
7.8 |
HIGH
Local
|
-
|
-
|
An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep function…
|
CWE-77
CWE-94
Command Injection
Code Injection
|
CVE-2026-36365
|
2026-05-8 00:53 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1279
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE …
|
CWE-20
Improper Input Validation
|
CVE-2026-37458
|
2026-05-8 00:53 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1280
|
7.5 |
HIGH
Network
|
-
|
-
|
An out-of-bounds read in the ParseIP6Extended function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
|
CWE-125
Out-of-bounds Read
|
CVE-2026-37461
|
2026-05-8 00:53 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
