Filtered by vendor Galaxy Software Services Corporation Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-52958 1 Galaxy Software Services Corporation 1 Iota C.ai Conversational Platform 2024-11-27 N/A
A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a malicious DLL via upload plugin function.
CVE-2024-52959 1 Galaxy Software Services Corporation 1 Iota C.ai Conversational Platform 2024-11-27 N/A
A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to perform arbitrary system commands via a DLL file.