Lucene search
K

586 matches found

NVD
NVD
added 2025/05/16 4:15 p.m.24 views

CVE-2025-39507

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through 6.4.4...

8.8CVSS0.00673EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/16 3:45 p.m.11 views

CVE-2025-39507 WordPress Nasa Core Plugin <= 6.3.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2...

7.5CVSS7.1AI score0.00673EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.23 views

CVE-2025-39507 WordPress Nasa Core Plugin <= 6.4.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through 6.4.4...

7.5CVSS0.00673EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 3:45 p.m.36 views

CVE-2025-39507

The CVE-2025-39507 entry concerns WordPress Nasa Core plugin (versions through 6.3.2) vulnerable to Local File Inclusion via improper filename control in PHP include/require. Affected software: Nasa Core

8.8CVSS7.2AI score0.00673EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/16 12:50 p.m.10 views

WordPress Nasa Core Plugin <= 6.4.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin Nasa Core versions 6.4.4...

8.8CVSS8.4AI score0.00673EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.6 views

PT-2025-21701 · Nasa Core · Nasa Core

Name of the Vulnerable Software and Affected Versions: Nasa Core versions through 6.3.2 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

8.8CVSS8AI score0.00673EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.5 views

WordPress plugin Nasa Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS7.8AI score0.00673EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/29 12:17 a.m.19 views

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

4.2CVSS6.9AI score0.0029EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/29 12:14 a.m.25 views

CVE-2025-46673

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol SDLS...

9.9CVSS7AI score0.00409EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/29 12:13 a.m.32 views

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

8.8CVSS6.9AI score0.00434EPSS
Exploits1References1
NVD
NVD
added 2025/04/27 1:15 a.m.55 views

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

8.8CVSS0.00434EPSS
Exploits1References3
NVD
NVD
added 2025/04/27 1:15 a.m.26 views

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

4.2CVSS0.0029EPSS
Exploits1References4
NVD
NVD
added 2025/04/27 1:15 a.m.41 views

CVE-2025-46674

NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress not intended for use during flight, potentially leading to a keystream oracle...

9.9CVSS0.00492EPSS
Exploits1References3
NVD
NVD
added 2025/04/27 1:15 a.m.35 views

CVE-2025-46673

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol SDLS...

9.9CVSS0.00409EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/04/27 12:0 a.m.30 views

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

3.5CVSS0.0029EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/04/27 12:0 a.m.4 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2, which stems from a failure to check SA operational status and could lead to a bypass...

9.9CVSS6.5AI score0.00409EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/04/27 12:0 a.m.7 views

PT-2025-17970

Name of the Vulnerable Software and Affected Versions NASA CryptoLib versions prior to 1.3.2 Description The issue is related to NASA CryptoLib not checking whether the SA is in an operational state before use. This could possibly lead to a bypass of the Space Data Link Security protocol SDLS...

9.9CVSS5.9AI score0.00409EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2025/04/27 12:0 a.m.6 views

PT-2025-17969 · Nasa · Nasa Cryptolib

Name of the Vulnerable Software and Affected Versions: NASA CryptoLib versions prior to 1.3.2 Description: The issue is related to the OTAR crypto function in NASA CryptoLib, where the returned status is not checked, potentially leading to spacecraft hijacking. Recommendations: For NASA CryptoLib...

8.8CVSS6.3AI score0.00434EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/04/27 12:0 a.m.5 views

PT-2025-17971 · Nasa · Nasa Cryptolib

Name of the Vulnerable Software and Affected Versions: NASA CryptoLib versions prior to 1.3.2 Description: The issue arises from NASA CryptoLib using Extended Procedures that are a Work in Progress, not intended for use during flight, potentially leading to a keystream oracle. Recommendations: Fo...

9.9CVSS6.3AI score0.00492EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2025/04/27 12:0 a.m.11 views

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

3.5CVSS6.9AI score0.00434EPSS
Exploits1References3
Rows per page
Query Builder