Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8517 | 1 Spip | 1 Spip | 2024-09-18 | N/A | 9.8 CRITICAL |
| SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. | |||||
| CVE-2024-38432 | 1 Matrix-globalservices | 1 Tafnit | 2024-09-06 | N/A | 9.8 CRITICAL |
| Matrix Tafnit v8 - CWE-646: Reliance on File Name or Extension of Externally-Supplied File | |||||
| CVE-2023-45599 | 2024-03-05 | N/A | 5.5 MEDIUM | ||
| A CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality of the web application allows a remote authenticated attacker to upload any arbitrary type of file into the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. | |||||