Every CVE whose affected-product data names Safe Fme Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2022-38339 — CVSS 9.6 (critical): Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to…
CVE-2022-38340 — CVSS 9.1 (critical): Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component…
CVE-2018-20402 — CVSS 8.8 (high): Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition to the initial administrator account. The…
CVE-2022-38342 — CVSS 8.5 (high): Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a XML External Entity (XXE) vulnerability which allows…
CVE-2023-35801 — CVSS 8.1 (high): A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a…
CVE-2020-22789 — CVSS 6.1 (medium): Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to gain admin privileges by injecting…
CVE-2020-22790 — CVSS 5.4 (medium): Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to execute codeby injecting arbitrary web…