49 matches found
CVE-2026-5476
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5475
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...
EUVD-2026-18813
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...
EUVD-2026-18807
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...
CVE-2026-5476 NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5474
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...
CVE-2026-5475
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...
CVE-2026-5475 NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...
CVE-2026-5475 NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...
CVE-2026-5474 NASA cFS CCSDS Packet Header to_lab_passthru_encode.c CFE_MSG_GetSize heap-based overflow
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...
CVE-2026-5474
CVE-2026-5474 affects NASA cFS up to 7.0.0. The vulnerability is in CFE_MSG_GetSize (file apps/to_lab/fsw/src/to_lab_passthru_encode.c, CCSDS Packet Header Handler) and results in a heap-based buffer overflow when manipulated. Exploitation requires local network access. Multiple sources (NVD, Red...
CVE-2026-5474 NASA cFS CCSDS Packet Header to_lab_passthru_encode.c CFE_MSG_GetSize heap-based overflow
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...
Core Flight System(cFS) 代码问题漏洞
Core Flight System cFS is a generic flight software architecture framework open source by NASA, used for flagship spacecraft, manned spacecraft, cube satellites, and Raspberry Pi devices. Versions of Core Flight System cFS 7.0.0 and earlier contained code vulnerabilities. These vulnerabilities...
Core Flight System 安全漏洞
Core Flight System cFS is a generic flight software architecture framework open source by NASA. It is used for flagship spacecraft, manned spacecraft, cube satellites, and Raspberry Pi devices. Versions of Core Flight System 7.0.0 and earlier contain security vulnerabilities. These vulnerabilitie...
PT-2026-30201
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE SB TransmitMsg of the file cfe sb priv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report...
PT-2026-30208
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE TBL ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe tbl passthru codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told...
Core Flight System 缓冲区错误漏洞
Core Flight System cFS is a generic flight software architecture framework open source by NASA. It is used for flagship spacecraft, manned spacecraft, cube satellites, and Raspberry Pi devices. Versions of Core Flight System 7.0.0 and earlier contain a buffer error vulnerability. This vulnerabili...
Core Flight System 输入验证错误漏洞
Core Flight System cFS is a generic flight software architecture framework open source by NASA, used for flagship spacecraft, manned spacecraft, cube satellites, and Raspberry Pi devices. Versions of Core Flight System cFS 7.0.0 and earlier contained a input validation vulnerability, which was...
CVE-2026-21898
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoAOSProcessSecurity function reads...
CVE-2026-21897
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoConfigAddGvcidManagedParameters...