CVE-2025-25372

NASA cFS Core Flight System Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module...

CVE-2025-29913

CVE-2025-29913 affects CryptoLib (versions ≤ 1.3.3). The vulnerability is in the function Crypto_TC_Prep_AAD, where an incorrect calculation of the MAC start index can underflow an unsigned integer, causing an out-of-bounds access in the ingest buffer and leading to a heap-based buffer overflow. ...

CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

CVE-2025-29912 CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the...

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVE-2023-46470

Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser...

CVE-2023-46470

Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser...

CVE-2023-46470

Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser...

Cross site scripting

Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser...

PT-2023-30039 · Space Applications Services · Yamcs

Name of the Vulnerable Software and Affected Versions: Space Applications Services Yamcs version 5.8.6 Description: The issue allows a remote attacker to execute arbitrary code via a crafted telecommand in the timeline view of the ArchiveBrowser. This is a Cross Site Scripting vulnerability...