Skip to main content

Ait Core

6 CVEs product

Monthly

CVE-2024-35061 PyPI HIGH POC This Week

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Microsoft Ait Core
NVD GitHub
CVSS 3.1
7.3
EPSS
0.5%
CVE-2024-35060 HIGH POC This Week

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Python Information Disclosure Ait Core
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-35059 PyPI HIGH POC This Week

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Python Information Disclosure Ait Core
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-35058 PyPI HIGH POC This Week

An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Ait Core
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-35057 PyPI HIGH POC This Week

An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Ait Core
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-35056 PyPI CRITICAL POC Act Now

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ait Core
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
EPSS 1% CVSS 7.3
HIGH POC This Week

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Microsoft Ait Core
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Python Information Disclosure Ait Core
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Python Information Disclosure Ait Core
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Ait Core
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Ait Core
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ait Core
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy