Every CVE whose affected-product data names Gnu Savane, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-27632 — CVSS 8.8 (high): An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function.
CVE-2024-29399 — CVSS 7.6 (high): An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a…
CVE-2024-27630 — CVSS 7.5 (high): Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted…
CVE-2024-27631 — CVSS 6.0 (medium): Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via…