Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-4639 | 1 Gss | 1 Vitalsesp | 2026-04-15 | N/A | 8.8 HIGH |
| Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges. | |||||
| CVE-2026-4640 | 1 Gss | 1 Vitalsesp | 2026-04-15 | N/A | 7.5 HIGH |
| Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information. | |||||
| CVE-2025-14253 | 1 Gss | 1 Vitalsesp | 2026-01-15 | N/A | 4.9 MEDIUM |
| Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | |||||
| CVE-2025-14254 | 1 Gss | 1 Vitalsesp | 2026-01-15 | N/A | 6.5 MEDIUM |
| Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. | |||||
| CVE-2025-14255 | 1 Gss | 1 Vitalsesp | 2026-01-15 | N/A | 6.5 MEDIUM |
| Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. | |||||