CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29913 – CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow
https://notcve.org/view.php?id=CVE-2025-29913
17 Mar 2025 — This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted telecommand (TC) frame that causes an unsigned integer underflow. • https://github.com/nasa/CryptoLib/security/advisories/GHSA-q4v2-fvrv-qrf6 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29912 – CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity
https://notcve.org/view.php?id=CVE-2025-29912
17 Mar 2025 — This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. • https://github.com/nasa/CryptoLib/commit/ca39cb96f21e76102aefb956d2c8c0ba0bd143ca • CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29911 – CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function
https://notcve.org/view.php?id=CVE-2025-29911
17 Mar 2025 — This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted AOS frame with an insufficient length. • https://github.com/nasa/CryptoLib/security/advisories/GHSA-7g6g-9gj4-8c68 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29910 – CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak
https://notcve.org/view.php?id=CVE-2025-29910
17 Mar 2025 — This issue can lead to resource exhaustion, reduced system performance, and potentially a Denial of Service (DoS) in environments where CryptoLib is used in long-running processes or with large volumes of data. ... Este problema puede provocar el agotamiento de recursos, la reducción del rendimiento del sistema y, potencialmente, una denegación de servicio (DoS) en entornos donde CryptoLib se utiliza en procesos de larga duración o con grandes v... • https://github.com/nasa/CryptoLib/security/advisories/GHSA-p38w-p2r8-g6g5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29909 – CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-29909
17 Mar 2025 — This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). ... Esto puede provocar una denegación de servicio (DoS) o, en determinadas circunstancias, la ejecución remota de código (RCE). • https://github.com/nasa/CryptoLib/commit/c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44866
https://notcve.org/view.php?id=CVE-2024-44866
17 Mar 2025 — A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file. • https://github.com/moonadon9/CVE_2024 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1057 – Keylime: keylime registrar dos due to incompatible database entry handling
https://notcve.org/view.php?id=CVE-2025-1057
15 Mar 2025 — A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail. • https://access.redhat.com/security/cve/CVE-2025-1057 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-2295 – Potential iSCSI R2T PDU Vulnerability
https://notcve.org/view.php?id=CVE-2025-2295
14 Mar 2025 — A successful exploitation of this vulnerability may lead to denial of service. • https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-2268 – HP LaserJet MFP M232-M237 Printer Series - Potential Denial of Service
https://notcve.org/view.php?id=CVE-2025-2268
14 Mar 2025 — The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). • https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8176 – Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
https://notcve.org/view.php?id=CVE-2024-8176
14 Mar 2025 — This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. • https://access.redhat.com/security/cve/CVE-2024-8176 • CWE-674: Uncontrolled Recursion •