Davinci Project CVE

Filtered by vendor Davinci Project Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-24206	1 Davinci Project	1 Davinci	2025-03-11	9.8 Critical
Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function.
CVE-2023-31848	1 Davinci Project	1 Davinci	2025-01-23	8.8 High
davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF).
CVE-2023-31847	1 Davinci Project	1 Davinci	2025-01-22	6.5 Medium
In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.

Page 1 of 1.