CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/23 10:34 a.m.•5 views

CVE-2024-44623

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the childprocess.js function...

9.8CVSS7.9AI score0.38925EPSS

Exploits1References1

OSV•added 2024/09/16 4:15 p.m.•15 views

CVE-2024-44623

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the childprocess.js function...

9.8CVSS7.9AI score0.38925EPSS

Exploits1References3

Cvelist•added 2024/09/16 12:0 a.m.•17 views

CVE-2024-44623

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the childprocess.js function...

0.38925EPSS

Exploits1References3

Vulnrichment•added 2024/09/16 12:0 a.m.•14 views

CVE-2024-44623

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the childprocess.js function...

7.5AI score0.38925EPSS

Exploits1References3

CVE•added 2024/09/16 12:0 a.m.•22 views

CVE-2024-44623

The CVE-2024-44623 entry has concrete technical details in connected data: SPX-GC (TuomoKu) versions <= 1.3.0 are affected. The root cause is the use of unsanitized user input passed to the Node.js child_process.exec function in routes/routes-api.js, enabling unauthenticated remote code execut...

9.8CVSS8.1AI score0.38925EPSS

Exploits1References3Affected Software1