8.9

CVSS4.0

CVE-2025-29913 - CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the …

📅 Published: March 17, 2025, 10:50 p.m. 🔄 Last Modified: May 7, 2025, 8:41 p.m.

8.9

CVSS4.0

CVE-2025-29912 - CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `C…

📅 Published: March 17, 2025, 10:48 p.m. 🔄 Last Modified: May 7, 2025, 8:42 p.m.

5.3

CVSS4.0

CVE-2025-2420 - 猫宁i Morning cross-site request forgery

A vulnerability classified as problematic was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to…

📅 Published: March 17, 2025, 10:31 p.m. 🔄 Last Modified: March 18, 2025, 1:15 p.m.

8.9

CVSS4.0

CVE-2025-29911 - CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the …

📅 Published: March 17, 2025, 10:20 p.m. 🔄 Last Modified: April 30, 2025, 4:08 p.m.

5.5

CVSS4.0

CVE-2025-29910 - CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A memory leak vulnerability was identified in the `crypto_handle_inc…

📅 Published: March 17, 2025, 10:04 p.m. 🔄 Last Modified: April 30, 2025, 4:07 p.m.

5.3

CVSS4.0

CVE-2025-2419 - code-projects Real Estate Property Management System InsertFeedback.php sql injection

A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /InsertFeedback.php. The manipulation of the argument txtName/txtEmail/txtMobile/txtFeedback leads to sql injection. It is possible to launc…

📅 Published: March 17, 2025, 10 p.m. 🔄 Last Modified: Oct. 23, 2025, 8:06 p.m.

8.9

CVSS4.0

CVE-2025-29909 - CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in…

📅 Published: March 17, 2025, 9:55 p.m. 🔄 Last Modified: April 30, 2025, 4:05 p.m.

6.5

CVSS3.1

CVE-2025-29781 - Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

The Bare Metal Operator (BMO) implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource `BMCEventSubscription`. Prior to versions 0.8.1 and 0.9.1, an adversar…

📅 Published: March 17, 2025, 9:37 p.m. 🔄 Last Modified: March 18, 2025, 3:16 p.m.

4.6

CVSS3.1

CVE-2024-40635 - containerd has an integer overflow in User ID handling

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo…

📅 Published: March 17, 2025, 9:32 p.m. 🔄 Last Modified: Oct. 2, 2025, 1:51 a.m.

8.6

CVSS4.0

CVE-2025-2398 - China Mobile P22g-CIac CLI su Command default credentials

A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been rated as critical. This issue affects some unknown processing of the component CLI su Command Handler. The manipulation leads to use of default credentials. T…

📅 Published: March 17, 2025, 9:31 p.m. 🔄 Last Modified: March 18, 2025, 3:16 p.m.