11 matches found
CVE-2025-62600 eprosima Fast DDS affected by Out-of-Memory in readBinaryPropertySeq via Manipulated DATA Submessage when DDS Security is enabled
eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an...
EUVD-2022-47952
Malicious code in bioql PyPI...
CVE-2022-45027
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address...
CVE-2023-37915 Malformed PID_PROPERTY_LIST parameter in DATA submessage remotely crashes OpenDDS
OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS crashes while parsing a malformed PIDPROPERTYLIST in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage...
CVE-2023-37915 Malformed PID_PROPERTY_LIST parameter in DATA submessage remotely crashes OpenDDS
OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS crashes while parsing a malformed PIDPROPERTYLIST in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage...
CVE-2023-37915
OpenDDS (C++ implementation of OMG DDS) is affected by CVE-2023-37915 due to a vulnerability in parsing a malformed PID_PROPERTY_LIST within a DATA submessage during participant discovery. The underlying issue can cause remote crashes of OpenDDS processes when a crafted DATA submessage is sent to...
CVE-2022-45027
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address...
Cross site request forgery (csrf)
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address...
CVE-2022-45027
The CVE-2022-45027 issue affects perfSONAR prior to version 4.4.6. During participant discovery, the software incorrectly uses an HTTP request header value to determine the local address, which can affect how the local endpoint is identified during discovery. The available documents describe this...
PT-2023-14575 · Perfsonar · Perfsonar
Name of the Vulnerable Software and Affected Versions: perfSONAR versions prior to 4.4.6 Description: The issue arises when perfSONAR performs participant discovery, incorrectly utilizing an HTTP request header value to determine a local address. Recommendations: For versions prior to 4.4.6, upda...
CVE-2022-45027
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address...