Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security
* Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized ac
An issue in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to cause a Denial of Service (DoS) via ECU reset UDS service. NOTE: this is disputed by the Supplier
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN t
Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic k
An issue in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to control or disrupt CAN communication between the instrument cluster and CAN bus. NOTE: this is dis
Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GT Designer3 Version1 (GOT2000) all versions and Mitsubishi Electric GT Designer3 Version1 (GOT1000) all versions allows
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). The affected devices contain a secure element which is connected via an unencrypted SPI bus. Thi
There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the foll
The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able
Incorrect access control in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to arbitrarily change odometer readings in the vehicle by targeting the instrument cl
Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to
A vulnerability, which was classified as critical, has been found in Audi UTR Dashcam 2.0. Affected by this issue is some unknown functionality of the component Command API. The manipulation leads to
A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affect
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper mult
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute a
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
Page 1+ Next →