VYPR

Vendor CVEs

Osgeo

All CVEs

36 total · sorted by risk
  • CVE-2017-5522CriMar 15, 2017
    risk 0.64cvss 9.8epss 0.05

    Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests.

  • CVE-2026-30479CriApr 9, 2026
    risk 0.59cvss 9.1epss 0.00

    A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable.

  • CVE-2026-30478HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.00

    A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable.

  • CVE-2016-9839HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.01

    In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.

  • CVE-2026-49014HigMay 27, 2026
    risk 0.48cvss 7.4epss 0.00

    In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an…

  • CVE-2026-42030MedMay 8, 2026
    risk 0.40cvss 6.1epss 0.00

    MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a…

  • CVE-2025-50690MedAug 13, 2025
    risk 0.40cvss 6.1epss 0.00

    A Cross-Site Scripting (XSS) vulnerability exists in SpatialReference.org (OSGeo/spatialreference.org) versions prior to 2025-05-17 (commit 2120adfa17ddd535bd0f539e6c4988fa3a2cb491). The vulnerability is caused by improper handling of user input in the search query parameter. An…

  • CVE-2026-8213MedMay 9, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached…

  • CVE-2026-8212MedMay 9, 2026
    risk 0.27cvss 5.3epss 0.00

    A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been…

  • CVE-2026-8087MedMay 7, 2026
    risk 0.27cvss 5.3epss 0.00

    A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a…

  • CVE-2026-8086MedMay 7, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The…

  • CVE-2026-33721MedMar 27, 2026
    risk 0.27cvss 5.3epss 0.01

    MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending…

  • CVE-2026-8088LowMay 7, 2026
    risk 0.14cvss 3.3epss 0.00

    A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made…

  • CVE-2026-8084LowMay 7, 2026
    risk 0.14cvss 3.3epss 0.00

    A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local…

  • CVE-2011-2975Aug 1, 2011
    risk 0.03cvss epss 0.05

    Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.

  • CVE-2009-0839Mar 31, 2009
    risk 0.01cvss epss 0.09

    Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.

  • CVE-2026-4738Mar 24, 2026
    risk 0.00cvss epss 0.00

    Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0.

  • CVE-2025-29480Apr 7, 2025
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced.

  • CVE-2024-32037NonFeb 11, 2025
    risk 0.00cvss 0.0epss 0.00

    GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because…

  • CVE-2022-0699Oct 17, 2022
    risk 0.00cvss epss 0.01

    A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.

  • CVE-2021-45943Dec 31, 2021
    risk 0.00cvss epss 0.01

    GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

  • CVE-2019-25050Jul 20, 2021
    risk 0.00cvss epss 0.00

    netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).

  • CVE-2019-17545Oct 14, 2019
    risk 0.00cvss epss 0.03

    GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

  • CVE-2013-7262Jan 5, 2014
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter.

  • CVE-2011-2704Aug 1, 2011
    risk 0.00cvss epss 0.05

    Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before 5.6.7 allows remote attackers to execute arbitrary code via vectors related to OGC filter encoding.

  • CVE-2011-2703Aug 1, 2011
    risk 0.00cvss epss 0.03

    Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support.

  • CVE-2010-2540Aug 2, 2010
    risk 0.00cvss epss 0.04

    mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.

  • CVE-2010-2539Aug 2, 2010
    risk 0.00cvss epss 0.00

    Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files.

  • CVE-2009-2281Oct 23, 2009
    risk 0.00cvss epss 0.06

    Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to…

  • CVE-2009-1177Mar 31, 2009
    risk 0.00cvss epss 0.03

    Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors.

  • CVE-2009-1176Mar 31, 2009
    risk 0.00cvss epss 0.04

    mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter…

  • CVE-2009-0843Mar 31, 2009
    risk 0.00cvss epss 0.03

    The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this…

  • CVE-2009-0842Mar 31, 2009
    risk 0.00cvss epss 0.03

    mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map…

  • CVE-2009-0841Mar 31, 2009
    risk 0.00cvss epss 0.05

    Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.

  • CVE-2009-0840Mar 31, 2009
    risk 0.00cvss epss 0.05

    Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.

  • CVE-2005-3581Nov 16, 2005
    risk 0.00cvss epss 0.00

    GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.