VYPR

Vendor CVEs

Nasa

All CVEs

57 total · sorted by risk
  • CVE-2022-23053Feb 20, 2022
    risk 0.00cvss epss 0.01

    Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Condition Widget” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later…

  • CVE-2022-22126Feb 20, 2022
    risk 0.00cvss epss 0.01

    Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Web Page” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.

  • CVE-2018-1000046HigFeb 9, 2018
    risk 0.00cvss 7.8epss 0.02

    NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in…

  • CVE-2018-1000045HigFeb 9, 2018
    risk 0.00cvss 7.8epss 0.02

    NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been…

  • CVE-2014-7113Oct 19, 2014
    risk 0.00cvss epss 0.00

    The NASA Universe Wallpapers Xeus (aka com.xeusNASA) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2009-2850Aug 18, 2009
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arbitrary code, as demonstrated using (1) an array index error in the ReadAEDRList64 function, and other errors in the (2) SearchForRecord_r_64, (3) LastRecord64, (4)…

  • CVE-2008-2080May 6, 2008
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.

Page 2 of 2