{"vulnerability": "CVE-2025-2991", "sightings": [{"uuid": "e21300ca-53d8-443c-9395-e2a4c89284fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29913", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5rcjit2h", "content": "", "creation_timestamp": "2025-03-18T02:01:18.695249Z"}, {"uuid": "064d88db-1450-48ca-9965-025fc251bb06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29913", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114180551137811517", "content": "", "creation_timestamp": "2025-03-18T00:15:46.832280Z"}, {"uuid": "d59d1069-cc84-4478-bd41-d0590fe75d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29911", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114180582366575557", "content": "", "creation_timestamp": "2025-03-18T00:23:42.300426Z"}, {"uuid": "4cb517a4-3147-4583-bbb0-7856bf239cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29912", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114180582366575557", "content": "", "creation_timestamp": "2025-03-18T00:23:42.603928Z"}, {"uuid": "6738cbe5-1c96-403a-b336-5476e532babd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29910", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114180582366575557", "content": "", "creation_timestamp": "2025-03-18T00:23:42.453516Z"}, {"uuid": "dc6f68fe-3699-4c91-a163-3fe4e7294df5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lktlxbbjaq2n", "content": "", "creation_timestamp": "2025-03-20T21:04:11.872247Z"}, {"uuid": "039f78b0-fb12-4116-926a-f9a2d9369a20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29911", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5quo5o2k", "content": "", "creation_timestamp": "2025-03-18T02:01:16.516048Z"}, {"uuid": "40e7315d-4485-4e7e-8cc0-282dce1c67a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29912", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5qxs3b26", "content": "", "creation_timestamp": "2025-03-18T02:01:17.049414Z"}, {"uuid": "ab0ca2f6-4608-48c8-95eb-9931bccddd01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114196115958327030", "content": "", "creation_timestamp": "2025-03-20T18:14:06.212050Z"}, {"uuid": "87bbfd10-7213-44b3-a562-24b1a76da126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29915", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ln7ajxf6yk2k", "content": "", "creation_timestamp": "2025-04-19T23:02:10.466883Z"}, {"uuid": "c9f8f46c-c24a-480a-bbdf-3685bc4e3406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29916", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114315587733303001", "content": "", "creation_timestamp": "2025-04-10T20:37:20.759814Z"}, {"uuid": "b4018226-2c1e-46a9-ac54-373499ee7127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29915", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114315587733303001", "content": "", "creation_timestamp": "2025-04-10T20:37:20.910252Z"}, {"uuid": "e86a51bb-eaeb-483b-b78f-4c4b457964bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29916", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmihwcptkl2r", "content": "", "creation_timestamp": "2025-04-10T21:43:06.963291Z"}, {"uuid": "6ad85ee3-091f-4d12-9449-05b2215b2880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29918", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmihwcwepy2a", "content": "", "creation_timestamp": "2025-04-10T21:43:08.034320Z"}, {"uuid": "ce56bc15-2a14-4b68-b01e-0c20ef1b826c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29917", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmihwdfklo26", "content": "", "creation_timestamp": "2025-04-10T21:43:10.476296Z"}, {"uuid": "6438d48c-0ee6-4a7a-92af-7bcf84512578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29915", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmihwdm73b2f", "content": "", "creation_timestamp": "2025-04-10T21:43:12.081666Z"}, {"uuid": "173780e8-8786-4404-a26c-3150daef7f20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29916", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114316233278588016", "content": "", "creation_timestamp": "2025-04-10T23:21:30.865105Z"}, {"uuid": "3eb3142f-014e-4bee-bdd0-a27f29c6ad42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29917", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114316233278588016", "content": "", "creation_timestamp": "2025-04-10T23:21:31.018355Z"}, {"uuid": "cb332245-8d5d-4584-adeb-ca1746863eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29918", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114316233278588016", "content": "", "creation_timestamp": "2025-04-10T23:21:31.170995Z"}, {"uuid": "71679541-1094-4c45-8a3c-e7b24796ca42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29916", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ln7ajxf6yk2k", "content": "", "creation_timestamp": "2025-04-19T23:02:10.555391Z"}, {"uuid": "1ddad20b-e6d3-4b77-83d8-e53b7ba98289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29917", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ln7ajxf6yk2k", "content": "", "creation_timestamp": "2025-04-19T23:02:10.634107Z"}, {"uuid": "df3c550b-5d75-4271-9b85-5c06041e7752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29918", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ln7ajxf6yk2k", "content": "", "creation_timestamp": "2025-04-19T23:02:10.717663Z"}, {"uuid": "72537c17-f06c-446c-97c4-2bb59684347e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29913", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "b7a06dc2-9b3f-4ed2-9ae8-6ace2e2b0c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29910", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "b5068f1c-7efa-486b-96de-6c538cff35ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29913", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:30.000000Z"}, {"uuid": "6471ec19-60fa-4190-a7df-9a1dc3072846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29910", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:30.000000Z"}, {"uuid": "487997b1-7dbc-4384-87a3-9af7b4808f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "seen", "source": "https://gist.github.com/alon710/19367fed712521a1833c7c1711d66e07", "content": "", "creation_timestamp": "2026-01-24T21:30:35.000000Z"}, {"uuid": "04fb109d-fd1b-4f69-ad35-9b3b921e6b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "seen", "source": "https://gist.github.com/alon710/c2368f00bd72d41149f54bfc49fec47c", "content": "", "creation_timestamp": "2026-01-24T21:30:36.000000Z"}, {"uuid": "5843cb60-2126-437b-9fbc-cfa1aa5cd734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "seen", "source": "https://gist.github.com/alon710/d47e577d192090116b68a7b27e69bca4", "content": "", "creation_timestamp": "2026-01-24T22:42:37.000000Z"}, {"uuid": "5702c3a8-210b-4f8a-bd16-c505df781922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8257", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29914\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUEST_FILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUEST_FILENAME will be set to /uploads/foo.php. This can lead to a rules bypass. This vulnerability is fixed in 3.3.3.\n\ud83d\udccf Published: 2025-03-20T17:44:59.024Z\n\ud83d\udccf Modified: 2025-03-20T17:44:59.024Z\n\ud83d\udd17 References:\n1. https://github.com/corazawaf/coraza/security/advisories/GHSA-q9f5-625g-xm39\n2. https://github.com/corazawaf/coraza/commit/4722c9ad0d502abd56b8d6733c6b47eb4111742d", "creation_timestamp": "2025-03-20T18:20:54.000000Z"}, {"uuid": "234748e0-c837-4408-a368-f173e7d2515c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29913", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7890", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29913\n\ud83d\udd25 CVSS Score: 8.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P)\n\ud83d\udd39 Description: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_TC_Prep_AAD` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted telecommand (TC) frame that causes an unsigned integer underflow. The vulnerability lies in the function `Crypto_TC_Prep_AAD`, specifically during the computation of `tc_mac_start_index`. The affected code incorrectly calculates the MAC start index without ensuring it remains within the bounds of the `ingest` buffer. When `tc_mac_start_index` underflows due to an incorrect length calculation, the function attempts to access an out-of-bounds memory location, leading to a segmentation fault. The vulnerability is still present in the repository as of commit `d3cc420ace96d02a5b7e83d88cbd2e48010d5723`.\n\ud83d\udccf Published: 2025-03-17T22:50:49.074Z\n\ud83d\udccf Modified: 2025-03-17T22:50:49.074Z\n\ud83d\udd17 References:\n1. https://github.com/nasa/CryptoLib/security/advisories/GHSA-q4v2-fvrv-qrf6", "creation_timestamp": "2025-03-17T23:48:03.000000Z"}, {"uuid": "96b180dd-971f-4768-bf8c-74a61e0037a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29912", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7891", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29912\n\ud83d\udd25 CVSS Score: 8.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P)\n\ud83d\udd39 Description: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes the frame length to be interpreted as 65535, resulting in out-of-bounds memory access. This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. Users of CryptoLib are advised to apply the recommended patch or avoid processing untrusted TC packets until a fix is available.\n\ud83d\udccf Published: 2025-03-17T22:48:40.833Z\n\ud83d\udccf Modified: 2025-03-17T22:48:40.833Z\n\ud83d\udd17 References:\n1. https://github.com/nasa/CryptoLib/security/advisories/GHSA-3f5x-r59x-p8cf\n2. https://github.com/nasa/CryptoLib/commit/ca39cb96f21e76102aefb956d2c8c0ba0bd143ca", "creation_timestamp": "2025-03-17T23:48:04.000000Z"}, {"uuid": "faf892ba-2e12-4d47-9c24-ea62ee5ac101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29912", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10022", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30356\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent unsafe calculations. As a result, an attacker can still craft malicious frames that cause a negative tf_payload_len, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a memcpy call.\n\ud83d\udccf Published: 2025-04-01T22:06:22.576Z\n\ud83d\udccf Modified: 2025-04-01T22:06:22.576Z\n\ud83d\udd17 References:\n1. https://github.com/nasa/CryptoLib/security/advisories/GHSA-6w2x-w7w3-85w2\n2. https://github.com/nasa/CryptoLib/commit/59d1bce7608c94c6131ef4877535075b0649799c", "creation_timestamp": "2025-04-01T22:32:41.000000Z"}, {"uuid": "d31e51d4-1018-4d8a-8fc7-80806d0eb6af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2991", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9637", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2991\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-31T10:31:06.850Z\n\ud83d\udccf Modified: 2025-03-31T10:31:06.850Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302040\n2. https://vuldb.com/?ctiid.302040\n3. https://vuldb.com/?submit.523412\n4. https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-AdvSetWrlmacfilter-1bc53a41781f807d97f3d01957f442a0?pvs=4\n5. https://www.tenda.com.cn/", "creation_timestamp": "2025-03-31T11:31:46.000000Z"}, {"uuid": "0a9e66b6-1368-46d9-9208-7abd10dcf64e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29918", "type": "seen", "source": "https://t.me/cvedetector/22688", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29918 - Suricata PCRE Rule Infinite Loop Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29918 \nPublished : April 10, 2025, 9:15 p.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-11T02:13:53.000000Z"}, {"uuid": "c53da6e9-7300-4c19-9ab9-2c0bbc446f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29916", "type": "seen", "source": "https://t.me/cvedetector/22678", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29916 - Suricata Large Hash Table Allocation Vulnerability (Denial of Service)\", \n  \"Content\": \"CVE ID : CVE-2025-29916 \nPublished : April 10, 2025, 8:15 p.m. | 1\u00a0hour, 10\u00a0minutes ago \nDescription : Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the `hashsize` to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can lead to large memory allocations, potentially leading to denial of service due to resource starvation. This vulnerability is fixed in 7.0.9. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T23:43:15.000000Z"}, {"uuid": "73ea56c0-8b4b-414e-bfb2-eace1c8dff6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29915", "type": "seen", "source": "https://t.me/cvedetector/22677", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29915 - Suricata AF_PACKET Truncated Packet Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29915 \nPublished : April 10, 2025, 8:15 p.m. | 1\u00a0hour, 10\u00a0minutes ago \nDescription : Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is based on the network interface MTU which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T23:43:14.000000Z"}, {"uuid": "17c011e9-b1c1-4533-8060-a91de5d5d41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29917", "type": "seen", "source": "https://t.me/cvedetector/22689", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29917 - Suricata Large Memory Allocation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29917 \nPublished : April 10, 2025, 9:15 p.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decode_base64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per thread. This vulnerability is fixed in 7.0.9. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-11T02:13:53.000000Z"}, {"uuid": "103e83f2-32db-4dfa-bbb5-cca6974d9499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29912", "type": "seen", "source": "https://t.me/cvedetector/21825", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30356 - \"CryptoLib Heap Buffer Overflow Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-30356 \nPublished : April 1, 2025, 10:15 p.m. | 1\u00a0hour, 30\u00a0minutes ago \nDescription : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent unsafe calculations. As a result, an attacker can still craft malicious frames that cause a negative tf_payload_len, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a memcpy call. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T02:26:39.000000Z"}, {"uuid": "38c1d581-b229-4ca9-9164-32c0292b438e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29912", "type": "seen", "source": "https://t.me/cvedetector/20539", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29912 - CryptoLib Heap Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29912 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes the frame length to be interpreted as 65535, resulting in out-of-bounds memory access. This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. Users of CryptoLib are advised to apply the recommended patch or avoid processing untrusted TC packets until a fix is available. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:38.000000Z"}, {"uuid": "ccd66cb7-91cd-42a7-8e69-d17497e16a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2991", "type": "seen", "source": "https://t.me/cvedetector/21585", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2991 - Tenda FH1202 Web Management Interface Improper Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2991 \nPublished : March 31, 2025, 11:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T15:00:54.000000Z"}, {"uuid": "dc4989e4-f6c7-4822-9f57-4d8c05947219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29911", "type": "seen", "source": "https://t.me/cvedetector/20538", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29911 - CryptoLib Crypto-AOS Frame Error Control Field Heap Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29911 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_AOS_ProcessSecurity` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted AOS frame with an insufficient length. The vulnerability lies in the function `Crypto_AOS_ProcessSecurity`, specifically during the processing of the Frame Error Control Field (FECF). The affected code attempts to read from the `p_ingest` buffer at indices `current_managed_parameters_struct.max_frame_size - 2` and `current_managed_parameters_struct.max_frame_size - 1` without verifying if `len_ingest` is sufficiently large. This leads to a heap buffer overflow when `len_ingest` is smaller than `max_frame_size`. As of time of publication, no known patched versions exist. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:37.000000Z"}, {"uuid": "5e9c77fd-7860-49e5-87ca-e11ed0c46e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29913", "type": "seen", "source": "https://t.me/cvedetector/20534", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29913 - CryptoLib Heap Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29913 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_TC_Prep_AAD` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted telecommand (TC) frame that causes an unsigned integer underflow. The vulnerability lies in the function `Crypto_TC_Prep_AAD`, specifically during the computation of `tc_mac_start_index`. The affected code incorrectly calculates the MAC start index without ensuring it remains within the bounds of the `ingest` buffer. When `tc_mac_start_index` underflows due to an incorrect length calculation, the function attempts to access an out-of-bounds memory location, leading to a segmentation fault. The vulnerability is still present in the repository as of commit `d3cc420ace96d02a5b7e83d88cbd2e48010d5723`. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:31.000000Z"}, {"uuid": "c4328997-f49a-4200-bcac-ca93b152d7da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29914", "type": "seen", "source": "https://t.me/cvedetector/20770", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29914 - Coraza WAF REQUEST_FILENAME Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29914 \nPublished : March 20, 2025, 6:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUEST_FILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUEST_FILENAME will be set to /uploads/foo.php. This can lead to a rules bypass. This vulnerability is fixed in 3.3.3. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T21:35:12.000000Z"}]}