83 matches found
CryptoLib 安全漏洞
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2 that stems from the use of unfinished extensions that could lead to keystream...
CVE-2025-46673
NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol SDLS...
CVE-2025-30216
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in t...
CVE-2025-29913
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...
CVE-2025-29913
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...
CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...
CryptoLib 安全漏洞
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib version 1.3.3 and earlier, which originates from a heap buffer overflow and could result in a denial of servi...
Linux Distros Unpatched Vulnerability : CVE-2024-26844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: Fix WARNING in copyfromiter Syzkaller reports a warning in copyfromiter because an ioviter is supposedly used in the wrong direction. The reason is that...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to ensure that strings are terminated with a null character during copying of user-space data to a...
CVE-2022-38998
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality...
CVE-2022-29484
Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space...
CVE-2022-27803
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space...
CVE-2022-27803
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space...
PT-2022-19649 · Cybozu · Cybozu Garoon
Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 4.0.0 through 5.9.0 Description: The issue allows a remote authenticated attacker to bypass operation restrictions and delete data of Space. Recommendations: For versions 4.0.0 through 5.9.0, update to a version that...
CVE-2021-20775
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege...
CVE-2021-20775
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege...
Cybozu Garoon 输入验证错误漏洞
Cybozu Garoon, a portal-based OA system of Cybozu Japan, is vulnerable to information disclosure. An attacker can use this vulnerability to obtain data from Comment and Space without viewing privileges...
USN-3251-2 linux-hwe vulnerability
USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not...
USN-3250-1 linux vulnerability
It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service system crash or execute arbitrary code with administrative privileges...
CVE-2014-9897
sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28769856 and Qualcomm internal bu...