Every CVE whose affected-product data names Gpsd Project Gpsd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-67268 — CVSS 9.8 (critical): gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540…
CVE-2018-17937 — CVSS 8.8 (high): gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow…
CVE-2025-67269 — CVSS 7.5 (high): An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit…
CVE-2023-43628 — CVSS 5.9 (medium): An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet…
CVE-2013-2038 — CVSS 4.3 (medium): The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute…