Recent CVEs
CVE-2024-26005
An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS.
CVE-2024-26004
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality.
CVE-2024-26003
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.
CVE-2024-26002
An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.
CVE-2024-25999
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.
CVE-2024-25998
An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation.
CVE-2024-25997
An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.
CVE-2024-25996
An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user.
CVE-2024-25995
An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation.
CVE-2024-25994
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.