LoftwareCVEs & Vulnerabilities
8 CVEs affecting Loftware products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
8 CVEs→ All vendors
Most Affected Products
spectrum 11
CVE-2023-37234CRITICAL
Loftware Spectrum through 4.6 has unprotected JMX Registry.
10 Sep 2024
9.8
CVSS
CVE-2023-37233HIGH
Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks.
10 Sep 2024
8.8
CVSS
CVE-2023-37232HIGH
Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.
10 Sep 2024
7.5
CVSS
CVE-2023-37231CRITICAL
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
10 Sep 2024
9.8
CVSS
CVE-2023-37230HIGH
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
10 Sep 2024
8.8
CVSS
CVE-2023-37229HIGH
Loftware Spectrum before 5.1 allows SSRF.
10 Sep 2024
8.8
CVSS
CVE-2023-37227CRITICAL
Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data.
10 Sep 2024
9.8
CVSS
CVE-2023-37226CRITICAL
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.
10 Sep 2024
9.8
CVSS
← PrevPage 1 / 1Next →