AMD Embedded Vulnerabilities – August 2025
Summary: Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization (PI) firmware packages...
CVE-2025-54878
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...
CVE-2025-54878
CVE-2025-54878 affects NASA CryptoLib (versions ≤ 1.4.0) where the IV setup logic for telecommand frames lacks bounds checking when copying the Initialization Vector into a newly allocated buffer. This heap buffer overflow can be triggered by a crafted telecommand frame, causing heap corruption a...
CVE-2025-54878 Heap Buffer Overflow in NASA CryptoLib 1.4.0 `Crypto_TC_Check_IV_Setup`
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...
CVE-2025-51823
libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member ctx->name without validating the input length...
BIT-LIBPHP-2020-7069 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...
Linux Distros Unpatched Vulnerability : CVE-2024-38579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: bcm - Fix pointer arithmetic In spu2_dump_omd value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer...
Linux Distros Unpatched Vulnerability : CVE-2023-29537
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects...
Linux Distros Unpatched Vulnerability : CVE-2022-50032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: renesas: Fix refcount leak bug In usbhs_rza1_hardware_init, of_find_node_by_name will return a node pointer with refcount incremented. We should use of_node_put whe...
NASA CryptoLib Security Vulnerability
NASA CryptoLib is a highly optimized cryptographic library from the National Aeronautics and Space Administration (NASA) designed to provide software developers with a clean and easy-to-use cryptographic toolset. A security vulnerability exists in NASA CryptoLib version 1.4.0 and earlier, which ste...
CVE-2025-51823
The CVE-2025-51823 entry affects libcsp 2.0. The vulnerability is a buffer overflow in the csp_eth_init() function caused by copying the interface name (ifname) into ctx->name with strcpy without validating input length. This is the underlying root cause described across multiple sources, whic...
Linux Distros Unpatched Vulnerability : CVE-2021-3564
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw (double-free memory corruption) in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device...
PT-2025-32574 · Libcsp · Libcsp
Name of the Vulnerable Software and Affected Versions: libcsp version 2.0 Description: libcsp version 2.0 contains a buffer overflow in the csp_eth_init function. This issue is due to the use of strcpy to copy the ifname parameter into a structure member ctx->name without proper input length...
Linux Distros Unpatched Vulnerability : CVE-2022-49818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mISDN: fix misuse of put_device in mISDN_register_device We should not release reference by...
Linux Distros Unpatched Vulnerability : CVE-2024-26788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: init irq after reg initialization Initialize the qDMA irqs after the...
Linux Distros Unpatched Vulnerability : CVE-2022-50188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in meson_encoder_hdmi_init of_find_device_by_node takes reference, we...
Linux Distros Unpatched Vulnerability : CVE-2025-37895
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix error handling path in bnxt_init_chip WARN_ON is triggered in flush_work if...
Linux Distros Unpatched Vulnerability : CVE-2025-38403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields...