cbcvebase.

Gpsd Project Gpsd vulnerabilities

6 known vulnerabilities affecting gpsd_project/gpsd.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2004-1388P3HIGHCVSS 7.5PoC≥ 0, < 2.7-42004-12-31
CVE-2004-1388 [HIGH] CVE-2004-1388: Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1 Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.
osv
CVE-2025-67268P3CRITICALCVSS 9.8fixed in 3.27.12026-01-02
CVE-2025-67268 [CRITICAL] CWE-122 CVE-2025-67268: gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/dr gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the size of the skyview array (184 elements). This allows an attacker to
nvdosv
CVE-2018-17937P3HIGHCVSS 8.8≥ 2.90, ≤ 3.172019-03-13
CVE-2018-17937 [HIGH] CWE-121 CVE-2018-17937: gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack- gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.
nvdosv
CVE-2023-43628P3HIGHCVSS 7.5v3.25.12023-12-05
CVE-2023-43628 [HIGH] CWE-191 CVE-2023-43628: An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~d An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.
nvd
CVE-2025-67269P3HIGHCVSS 7.5fixed in 3.27.12026-01-02
CVE-2025-67269 [HIGH] CWE-191 CVE-2025-67269: An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd v An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without checking if the input byte `c` is less than 4. This results in an unsigned i
nvdosv
CVE-2013-2038P4MEDIUMCVSS 4.3≤ 3.8v3.0+7 more2014-02-06
CVE-2013-2038 [MEDIUM] CWE-20 CVE-2013-2038: The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability.
nvdosv
Gpsd Project Gpsd vulnerabilities | cvebase