Ait Core

ait_core

Vendor: Nasa • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-35061 1Nasa 1Ait Core Jun 3, 2025 May 21, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to a...Show more NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution.Show less
CVE-2024-35060 1Nasa 1Ait Core Jun 3, 2025 May 21, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file.
CVE-2024-35059 1Nasa 1Ait Core Jun 3, 2025 May 21, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.
CVE-2024-35058 1Nasa 1Ait Core Jun 3, 2025 May 21, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string.
CVE-2024-35057 1Nasa 1Ait Core Jun 3, 2025 May 21, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet.
CVE-2024-35056 1Nasa 1Ait Core Jun 3, 2025 May 21, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.