Export limit exceeded: 17172 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339018 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56187 | 1 Google | 1 Android | 2025-06-27 | 6.6 Medium |
| In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-34397 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 7.5 High |
| Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed. | ||||
| CVE-2023-34398 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 7.5 High |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference. | ||||
| CVE-2023-34399 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 9.8 Critical |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow. | ||||
| CVE-2023-34400 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 7.5 High |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will return null pointer. | ||||
| CVE-2023-34401 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 3.7 Low |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory. | ||||
| CVE-2023-34402 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 7.7 High |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights. | ||||
| CVE-2023-34403 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 4.9 Medium |
| Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to internal network. A race condition can be acquired and attacker can spoof “UserData” with desirable file path and access it though backup on USB. | ||||
| CVE-2024-56188 | 1 Google | 1 Android | 2025-06-27 | 5.1 Medium |
| there is a possible way to crash the modem due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-34404 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 4.9 Medium |
| Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to these pins and get access to internal network. As a result, by accessing a specific port an attacker can send call request to all registered services in router and achieve command injection vulnerability. | ||||
| CVE-2023-34406 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 3.3 Low |
| An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | ||||
| CVE-2024-37603 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 4.6 Medium |
| An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | ||||
| CVE-2024-37602 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 4.6 Medium |
| An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible NULL pointer dereference in the Apple Car Play function affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address, an attacker can connect via the internal network to the AirTunes / AirPlay service. With prepared HTTP requests, an attacker can cause the Car Play service to fail. | ||||
| CVE-2024-37601 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 4.6 Medium |
| An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | ||||
| CVE-2024-37600 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 6.8 Medium |
| An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address, an attacker can connect via the internal network to the Service Broker service. With prepared HTTP requests, an attacker can cause the Service-Broker service to fail. | ||||
| CVE-2025-53007 | 2025-06-27 | N/A | ||
| arduino-esp32 provides an Arduino core for the ESP32. Versions prior to 3.3.0-RC1 and 3.2.1 contain a HTTP Response Splitting vulnerability. The `sendHeader` function takes arbitrary input for the HTTP header name and value, concatenates them into an HTTP header line, and appends this to the outgoing HTTP response headers. There is no validation or sanitization of the `name` or `value` parameters before they are included in the HTTP response. If an attacker can control the input to `sendHeader` (either directly or indirectly), they could inject carriage return (`\r`) or line feed (`\n`) characters into either the header name or value. This could allow the attacker to inject additional headers, manipulate the structure of the HTTP response, potentially inject an entire new HTTP response (HTTP Response Splitting), and/or ause header confusion or other HTTP protocol attacks. Versions 3.3.0-RC1 and 3.2.1 contain a fix for the issue. | ||||
| CVE-2024-50627 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | 8.8 High |
| An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access. | ||||
| CVE-2024-50626 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | 8.8 High |
| An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data. | ||||
| CVE-2024-50625 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | 8 High |
| An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when combined with other vulnerabilities. | ||||
| CVE-2024-50628 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | 8.8 High |
| An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues. | ||||