Vulnerabilities > Genivi

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-39836 Out-of-bounds Read vulnerability in Genivi Diagnostic LOG and Trace
An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8.
local
low complexity
genivi CWE-125
5.5
2022-10-25 CVE-2022-39837 NULL Pointer Dereference vulnerability in Genivi Diagnostic LOG and Trace
An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8.
local
low complexity
genivi CWE-476
5.5
2022-06-16 CVE-2022-31291 Double Free vulnerability in multiple products
An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.
network
low complexity
genivi debian CWE-415
7.5
2021-05-28 CVE-2021-29507 Unspecified vulnerability in Genivi Diagnostic LOG and Trace
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface.
network
low complexity
genivi
4.0
2021-02-10 CVE-2020-36244 Out-of-bounds Write vulnerability in multiple products
The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).
network
low complexity
genivi debian CWE-787
critical
9.8
2020-11-30 CVE-2020-29394 Out-of-bounds Write vulnerability in multiple products
A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).
local
low complexity
genivi debian CWE-787
7.8