NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.