Lucene search
K

50 matches found

NVD
NVD
added 2025/03/17 10:15 p.m.27 views

CVE-2025-29909

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

9.8CVSS0.00992EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/17 10:4 p.m.25 views

CVE-2025-29910 CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A memory leak vulnerability was identified in the...

6.9CVSS0.0046EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/17 9:55 p.m.7 views

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

9.3CVSS8.3AI score0.00992EPSS
Exploits1References2
CVE
CVE
added 2025/03/17 9:55 p.m.73 views

CVE-2025-29909

CVE-2025-29909 affects CryptoLib (NASA) up to version 1.3.3: a heap buffer overflow in Crypto_TC_ApplySecurity() can be triggered by crafting a malformed Telecommand (TC) frame, leading to out-of-bounds writes with DoS and, under certain conditions, remote code execution. The vulnerability impact...

9.8CVSS8AI score0.00992EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/03/17 9:55 p.m.10 views

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

9.3CVSS8.2AI score0.00992EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.4 views

PT-2025-11563 · Cryptolib · Cryptolib

Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and prior Description: A critical heap buffer overflow issue was identified in the Crypto AOS ProcessSecurity function, allowing an attacker to trigger a Denial of Service DoS or potentially execute arbitrary code RCE...

9.8CVSS7.5AI score0.0068EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.5 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib version 1.3.3 and earlier, which originates from a heap buffer overflow and could result in a denial of servi...

9.8CVSS7.9AI score0.00992EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.8 views

PT-2025-11564 · Cryptolib · Cryptolib

Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and prior Description: The issue is caused by an unsigned integer underflow in the Crypto TC ProcessSecurity function of CryptoLib, leading to a heap buffer overflow. This occurs when the fl frame length field in a...

9.8CVSS7.1AI score0.01129EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.5 views

PT-2025-11565 · Cryptolib · Cryptolib

Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and prior Description: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight...

9.8CVSS7.5AI score0.00657EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.5 views

PT-2025-11561 · Cryptolib · Cryptolib

Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and earlier Description: A heap buffer overflow vulnerability in CryptoLib's Crypto TC ApplySecurity function allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result i...

9.8CVSS7.8AI score0.00992EPSS
Exploits1References10
Rows per page
Query Builder