Every CVE whose affected-product data names Trcore Dvc, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-11315 — CVSS 9.8 (critical): The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated…
CVE-2024-11312 — CVSS 9.8 (critical): The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated…
CVE-2024-11313 — CVSS 9.8 (critical): The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated…
CVE-2024-11314 — CVSS 9.8 (critical): The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated…
CVE-2024-11311 — CVSS 9.8 (critical): The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated…
CVE-2024-11309 — CVSS 7.5 (high): The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read…
CVE-2024-11310 — CVSS 7.5 (high): The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read…
CVE-2024-11308 — CVSS 6.2 (medium): The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content.