Helix Core vulnerabilities
8 known vulnerabilities affecting helix/helix_core.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH6MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-45849P1CRITICALCVSS 9.8Exploited≥ 0.0.0, < 2023.2≥ 0.0.0, < 2023.1 Patch 2+3 more2023-11-08
CVE-2023-45849 [CRITICAL] CWE-94 CVE-2023-45849: An arbitrary code execution which results in privilege escalation was discovered in Helix Core versi
An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason Geffner.
nvd
CVE-2024-10314P3HIGHCVSS 8.7≥ 0.0.0, < 2024.2≥ 0.0.0, < 2024.1+3 more2024-11-11
CVE-2024-10314 [HIGH] CWE-400 CVE-2024-10314: In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the au
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Więsek.
nvd
CVE-2024-10345P3HIGHCVSS 8.7≥ 0.0.0, < 2024.2≥ 0.0.0, < 2024.1+3 more2024-11-11
CVE-2024-10345 [HIGH] CWE-400 CVE-2024-10345: In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the sh
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek.
nvd
CVE-2024-10344P3HIGHCVSS 8.7≥ 0.0.0, < 2024.2≥ 0.0.0, < 2024.1+3 more2024-11-11
CVE-2024-10344 [HIGH] CWE-400 CVE-2024-10344: In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the re
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek.
nvd
CVE-2023-35767P3HIGHCVSS 7.5≥ 0.0.0, < 2023.2≥ 0.0.0, < 2023.1 Patch 2+3 more2023-11-08
CVE-2023-35767 [HIGH] CWE-400 CVE-2023-35767: In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the sh
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner.
nvd
CVE-2023-45319P3HIGHCVSS 7.5≥ 0.0.0, < 2023.2≥ 0.0.0, < 2023.1 Patch 2+3 more2023-11-08
CVE-2023-45319 [HIGH] CWE-400 CVE-2023-45319: In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the co
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner.
nvd
CVE-2023-5759P3HIGHCVSS 7.5≥ 0.0.0, < 2023.2≥ 0.0.0, < 2023.1 Patch 2+3 more2023-11-08
CVE-2023-5759 [HIGH] CWE-400 CVE-2023-5759: In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the bu
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.
nvd
CVE-2024-8067P4MEDIUMCVSS 5.8≥ 2024.1, ≤ 2024.1 Patch 2 (2024.1/2655224)2024-09-25
CVE-2024-8067 [MEDIUM] CWE-176 CVE-2024-8067: In versions of Helix Core prior to 2024.1 Patch 2 (2024.1/2655224) a Windows ANSI API Unicode "best
In versions of Helix Core prior to 2024.1 Patch 2 (2024.1/2655224) a Windows ANSI API Unicode "best fit" argument injection was identified.
nvd