Lucene search
+L

29 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-261 NASA AIT-Core vulnerable to remote code execution

An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string...

9.2CVSS6.1AI score0.00428EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-264 NASA AIT-Core vulnerable to remote code execution

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...

9.8CVSS7.3AI score0.00449EPSS
Exploits1References5
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-262 NASA AIT-Core vulnerable to SQL Injection

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS5.8AI score0.00603EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 9:3 a.m.7 views

CVE-2024-35061

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...

7.5CVSS8AI score0.00546EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.7 views

CVE-2024-35056

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS8.5AI score0.00603EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.6 views

CVE-2024-35060

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...

7.5CVSS7.7AI score0.00472EPSS
Exploits1References1
OSV
OSV
added 2024/05/21 9:30 p.m.1 views

GHSA-QV6X-53JJ-VW59 NASA AIT-Core uses unencrypted channels to exchange data over the network

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack...

7.3CVSS6AI score0.00546EPSS
Exploits1References3
OSV
OSV
added 2024/05/21 9:30 p.m.40 views

GHSA-JQFF-8G2V-642H NASA AIT-Core vulnerable to remote code execution

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...

9.8CVSS7.3AI score0.00546EPSS
Exploits2References3
NVD
NVD
added 2024/05/21 7:15 p.m.30 views

CVE-2024-35061

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...

7.3CVSS7.6AI score0.00546EPSS
Exploits1References3
NVD
NVD
added 2024/05/21 7:15 p.m.27 views

CVE-2024-35060

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...

7.5CVSS7.3AI score0.00472EPSS
Exploits1References2
OSV
OSV
added 2024/05/21 6:31 p.m.4 views

GHSA-GPGJ-XRGW-8MX2 NASA AIT-Core vulnerable to SQL Injection

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS5.9AI score0.00603EPSS
Exploits1References4
NVD
NVD
added 2024/05/21 6:15 p.m.25 views

CVE-2024-35056

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS8AI score0.00603EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/21 12:0 a.m.15 views

CVE-2024-35057

An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet...

7.4AI score0.00438EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/21 12:0 a.m.42 views

CVE-2024-35059

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...

7AI score0.00449EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/21 12:0 a.m.29 views

CVE-2024-35058

An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string...

7.4AI score0.00428EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/21 12:0 a.m.11 views

CVE-2024-35057

An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet...

7.8AI score0.00438EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/21 12:0 a.m.18 views

CVE-2024-35059

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands...

7.1AI score0.00449EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.6 views

NASA AIT-Core 安全漏洞

NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version v2.5.2 that stems from the inclusion of multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS7.8AI score0.00603EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/21 12:0 a.m.41 views

CVE-2024-35061

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...

7.5AI score0.00546EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/05/21 12:0 a.m.13 views

CVE-2024-35058

An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string...

7.8AI score0.00428EPSS
Exploits1References2
Rows per page
Query Builder