Lucene search
+L

185 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-6612

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00992EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-12475

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00434EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-41133

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41134

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00489EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-12473

Malicious code in bioql PyPI...

9.9CVSS6.5AI score0.00409EPSS
Exploits1References7
redhatcve
redhatcve
added 2025/09/25 2:53 a.m.7 views

CVE-2025-59534

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in...

7.3CVSS7.5AI score0.00906EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/09/23 6:25 p.m.4 views

CVE-2025-59534 CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login()

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in...

7.3CVSS7.1AI score0.00906EPSS
Exploits1References2
osv
osv
added 2025/09/23 6:25 p.m.8 views

CVE-2025-59534 CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login()

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in...

7.3CVSS7.4AI score0.00906EPSS
Exploits1References4
cve
cve
added 2025/09/23 6:25 p.m.25 views

CVE-2025-59534

CryptoLib (NASA’s library using CCSDS SDLS-EP) contains a command-injection vulnerability in initialize_kerberos_keytab_file_login() present in versions prior to 1.4.2. The flaw arises from unsanitized, user-controlled input directly interpolated into a shell command and executed via system(), en...

7.8CVSS7.1AI score0.00906EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2025/09/23 12:0 a.m.9 views

CryptoLib 操作系统命令注入漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. An operating system command injection vulnerability exists in CryptoLib versions prior to 1.4.2, which stems from the initializekerberoskeytabfilelogin...

7.8CVSS7.3AI score0.00906EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/08/13 9:21 p.m.19 views

CVE-2025-54878

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...

8.6CVSS7.9AI score0.00389EPSS
Exploits1References1
nvd
nvd
added 2025/08/11 9:15 p.m.13 views

CVE-2025-54878

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...

8.6CVSS0.00389EPSS
Exploits1References2
cvelist
cvelist
added 2025/08/11 8:40 p.m.12 views

CVE-2025-54878 Heap Buffer Overflow in NASA CryptoLib 1.4.0 `Crypto_TC_Check_IV_Setup`

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...

8.6CVSS0.00389EPSS
Exploits1References2
cve
cve
added 2025/08/11 8:40 p.m.40 views

CVE-2025-54878

CVE-2025-54878 affects NASA CryptoLib (versions ≤ 1.4.0) where the IV setup logic for telecommand frames lacks bounds checking when copying the Initialization Vector into a newly allocated buffer. This heap buffer overflow can be triggered by a crafted telecommand frame, causing heap corruption a...

8.6CVSS7.8AI score0.00389EPSS
Exploits1References2Affected Software1
osv
osv
added 2025/08/11 8:40 p.m.10 views

CVE-2025-54878 Heap Buffer Overflow in NASA CryptoLib 1.4.0 `Crypto_TC_Check_IV_Setup`

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...

8.6CVSS7.3AI score0.00389EPSS
Exploits1References4
ossf
ossf
added 2025/07/14 11:35 p.m.4 views

Malicious code in symphony-cryptolib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8216b9fdde76a4f40936fd19fbe9a3a7d73dcf66ffdde04c6cf54ee965448b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
osv
osv
added 2025/07/14 11:35 p.m.4 views

MAL-2025-5864 Malicious code in symphony-cryptolib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8216b9fdde76a4f40936fd19fbe9a3a7d73dcf66ffdde04c6cf54ee965448b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 7:21 a.m.8 views

CVE-2024-44911

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem cryptotc.c...

7.5CVSS7.3AI score0.00517EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:20 a.m.7 views

CVE-2024-44912

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem cryptotm.c...

7.5CVSS7.3AI score0.00489EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 6:28 a.m.8 views

CVE-2024-44910

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem cryptoaos.c...

7.5CVSS7.3AI score0.00535EPSS
Exploits1
Rows per page
Query Builder