| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|
| 1 | 8 | 0 | 41.4% | CRITICAL |
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|
| CVE-2023-37234 | Loftware Spectrum through 4.6 has unprotected JMX Registry. | CRITICAL | 9.8 | — | 31.8% | Sep 10, 2024 | |
| CVE-2023-37233 | Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks. | HIGH | 8.8 | — | 35.5% | Sep 10, 2024 | |
| CVE-2023-37232 | Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor. | HIGH | 7.5 | — | 30.1% | Sep 10, 2024 | |
| CVE-2023-37231 | Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password. | CRITICAL | 9.8 | — | 40.0% | Sep 10, 2024 | |
| CVE-2023-37230 | Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF. | HIGH | 8.8 | — | 26.8% | Sep 10, 2024 | |
| CVE-2023-37229 | Loftware Spectrum before 5.1 allows SSRF. | HIGH | 8.8 | — | 26.8% | Sep 10, 2024 | |
| CVE-2023-37227 | Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data. | CRITICAL | 9.8 | — | 45.1% | Sep 10, 2024 | |
| CVE-2023-37226 | Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function. | CRITICAL | 9.8 | — | 43.3% | Sep 10, 2024 | |