Every CVE whose affected-product data names Openelec, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-2230 — CVSS 9.8 (critical): OpenELEC and RasPlex devices have a hardcoded password for the root account, which makes it easier for remote attackers to obtain access…
CVE-2017-6445 — CVSS 8.1 (high): The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections…
CVE-2008-6025 — CVSS 6.8 (medium): Directory traversal vulnerability in scr/form.php in openElec 3.01 and earlier allows remote attackers to include and execute arbitrary…