Every CVE whose affected-product data names Cert Vince, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-40238 — CVSS 8.8 (high): A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary…
CVE-2022-25799 — CVSS 6.1 (medium): An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted…
CVE-2022-40248 — CVSS 5.4 (medium): An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via…
CVE-2022-40257 — CVSS 5.4 (medium): An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a…
CVE-2024-9953 — CVSS 4.9 (medium): A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. An authenticated administrative…