Lucene search
K

83 matches found

CNNVD
CNNVD
added 2025/04/27 12:0 a.m.5 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2 that stems from the use of unfinished extensions that could lead to keystream...

9.9CVSS6.4AI score0.00492EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/27 12:0 a.m.36 views

CVE-2025-46673

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol SDLS...

4.9CVSS0.00409EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/03/27 7:40 p.m.24 views

CVE-2025-30216

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in t...

9.4CVSS8.1AI score0.0237EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/03/19 11:25 p.m.13 views

CVE-2025-29913

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

9.8CVSS8.5AI score0.00657EPSS
Exploits1References1
NVD
NVD
added 2025/03/17 11:15 p.m.42 views

CVE-2025-29913

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

9.8CVSS0.00657EPSS
Exploits1References1
OSV
OSV
added 2025/03/17 10:50 p.m.13 views

CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

9.3CVSS8.1AI score0.00657EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.5 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib version 1.3.3 and earlier, which originates from a heap buffer overflow and could result in a denial of servi...

9.8CVSS7.9AI score0.00992EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-26844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: Fix WARNING in copyfromiter Syzkaller reports a warning in copyfromiter because an ioviter is supposedly used in the wrong direction. The reason is that...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.6 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to ensure that strings are terminated with a null character during copying of user-space data to a...

7.1CVSS6.7AI score0.00213EPSS
Exploits0References4
OSV
OSV
added 2022/10/14 4:15 p.m.4 views

CVE-2022-38998

The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality...

7.5CVSS5.8AI score0.00422EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/04 7:15 a.m.3 views

CVE-2022-29484

Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space...

8.1CVSS6.8AI score0.01049EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/07/04 7:15 a.m.2 views

CVE-2022-27803

Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space...

4.3CVSS6AI score0.00685EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/04 7:15 a.m.2 views

CVE-2022-27803

Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space...

4.3CVSS6.1AI score0.00685EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/04 12:0 a.m.1 views

PT-2022-19649 · Cybozu · Cybozu Garoon

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 4.0.0 through 5.9.0 Description: The issue allows a remote authenticated attacker to bypass operation restrictions and delete data of Space. Recommendations: For versions 4.0.0 through 5.9.0, update to a version that...

8.1CVSS7.9AI score0.01049EPSS
Exploits0References5
OSV
OSV
added 2021/08/18 6:15 a.m.2 views

CVE-2021-20775

Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege...

4.3CVSS5.8AI score0.00881EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/18 5:36 a.m.26 views

CVE-2021-20775

Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege...

5.5AI score0.00881EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/02 12:0 a.m.5 views

Cybozu Garoon 输入验证错误漏洞

Cybozu Garoon, a portal-based OA system of Cybozu Japan, is vulnerable to information disclosure. An attacker can use this vulnerability to obtain data from Comment and Space without viewing privileges...

4.3CVSS5.3AI score0.00881EPSS
Exploits0References4
OSV
OSV
added 2017/03/30 12:15 a.m.5 views

USN-3251-2 linux-hwe vulnerability

USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not...

7.8CVSS7AI score0.01798EPSS
Exploits4References2
OSV
OSV
added 2017/03/29 10:37 p.m.4 views

USN-3250-1 linux vulnerability

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service system crash or execute arbitrary code with administrative privileges...

7.8CVSS7.1AI score0.01798EPSS
Exploits4References2
UbuntuCve
UbuntuCve
added 2016/08/06 10:59 a.m.31 views

CVE-2014-9897

sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28769856 and Qualcomm internal bu...

5.5CVSS6.5AI score0.0046EPSS
Exploits0References3
Rows per page
Query Builder