Every CVE whose affected-product data names Xcfa Project Xcfa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2014-5255 — CVSS 7.0 (high): xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary…
CVE-2014-5254 — CVSS 4.7 (medium): xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.