Every CVE whose affected-product data names Baesystems Socet Gxp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-54968 — CVSS 8.8 (high): An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Service does not require authentication. In some configurations…
CVE-2025-54964 — CVSS 8.4 (high): An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact with the GXP Job Service may inject…
CVE-2025-54970 — CVSS 6.5 (medium): An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service fails to authenticate requests. In some…
CVE-2025-54967 — CVSS 6.5 (medium): An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able…
CVE-2025-54963 — CVSS 6.5 (medium): An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact with the GXP Job Service may submit a…
CVE-2025-54965 — CVSS 6.1 (medium): An XSS issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not properly sanitize the job ID…
CVE-2025-54969 — CVSS 6.1 (medium): An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not implement CSRF protections. An attacker…
CVE-2025-54966 — CVSS 4.3 (medium): An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive…