Nasa

Ait Core

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-35059

Exploit
  • EPSS 0.07%
  • Published 21.05.2024 19:15:10
  • Last modified 03.06.2025 14:15:55

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.

7.5

CVE-2024-35060

Exploit
  • EPSS 0.08%
  • Published 21.05.2024 19:15:10
  • Last modified 03.06.2025 14:16:05

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file.

7.3

CVE-2024-35061

Exploit
  • EPSS 1.47%
  • Published 21.05.2024 19:15:10
  • Last modified 03.06.2025 14:16:41

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remot...

9.8

CVE-2024-35056

Exploit
  • EPSS 0.15%
  • Published 21.05.2024 18:15:09
  • Last modified 03.06.2025 14:14:43

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.

7.5

CVE-2024-35057

Exploit
  • EPSS 0.05%
  • Published 21.05.2024 18:15:09
  • Last modified 03.06.2025 14:15:27

An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet.

7.5

CVE-2024-35058

Exploit
  • EPSS 0.11%
  • Published 21.05.2024 18:15:09
  • Last modified 03.06.2025 14:15:39

An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string.