Every CVE whose affected-product data names Docmosis Tornado, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-42733 — CVSS 9.8 (critical): An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path…
CVE-2023-25266 — CVSS 8.8 (high): An issue was discovered in Docmosis Tornado prior to version 2.9.5. An authenticated attacker can change the Office directory setting…
CVE-2023-25264 — CVSS 7.5 (high): An issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter…
CVE-2023-25265 — CVSS 7.5 (high): Docmosis Tornado <= 2.9.4 is vulnerable to Directory Traversal leading to the disclosure of arbitrary content on the file system.