58 matches found
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2026-47731 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2026-47731 Source advisory: OSV:GHSA-P462-PRXW-MJX4...
CVE-2026-47731
creationtimestamp| type| source ---|---|--- 2026-05-19 22:10:29+00:00| published-proof-of-concept| https://github.com/NASA-AMMOS/AIT-Core/security/advisories/GHSA-p462-prxw-mjx4...
CVE-2024-35061
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...
CVE-2024-35056
NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...
CVE-2024-35060
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...
CVE-2024-35059
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...
CVE-2024-35057
An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet...
Remote Code Execution (RCE)
ait-core is vulnerable to Remote Code Execution RCE. The vulnerability is caused due to loading untrusted pickle files, allowing attackers to execute arbitrary code...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35061 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35061 Source advisory: OSV:GHSA-QV6X-53JJ-VW59...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35059 +1 more via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35059, CVE-2024-35061 Source advisory: OSV:GHSA-JQFF-8G2V-642H...
GHSA-QV6X-53JJ-VW59 NASA AIT-Core uses unencrypted channels to exchange data over the network
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack...
NASA AIT-Core uses unencrypted channels to exchange data over the network
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack...
NASA AIT-Core vulnerable to remote code execution
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...
GHSA-JQFF-8G2V-642H NASA AIT-Core vulnerable to remote code execution
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...
CVE-2024-35059
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...
CVE-2024-35060
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...
CVE-2024-35061
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...
CVE-2024-35061
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...
CVE-2024-35060
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...
CVE-2024-35059
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...