CVE Tools

cleo

Enterprise Softwarecommercial

2

Cumulative CVEs

1

Monthly snapshots

#197

Peak rank

Top products

Latest CVEs

The 5 most recently published vulnerabilities affecting cleo.

CVE-2024-55956In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by le...KEV9.8Dec 13, 2024
CVE-2024-50623In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.KEV9.8Oct 27, 2024
CVE-2022-42966Exponential ReDoS in cleo leads to denial of service5.9Nov 9, 2022
CVE-2021-33577An issue was discovered in Cleo LexiCom 5.5.0.0. The requirement for the sender of an AS2 message to identify themselves (via encryption and signing of the message) can be bypassed by changing the ...5.3Jun 18, 2021
CVE-2021-33576An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to a...9.8Jun 18, 2021