Browse all 3 CVE security advisories affecting bluemark. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bluemark provides digital asset management solutions for creative workflows, primarily serving marketing and design teams. Historically, vulnerabilities have included stored cross-site scripting (XSS) in image metadata handling, remote code execution (RCE) through manipulated file uploads, and privilege escalation via insecure direct object references. The platform's security posture has been marked by inconsistent input validation and insufficient access controls. While no major public incidents have been documented, the three recorded CVEs highlight ongoing challenges in secure file processing and permission management, particularly when handling user-generated content across collaborative environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-31191 | Denial of Service due to loss of information in DroneScout ds230 Remote ID receiver from BlueMark Innovations — ds230CWE-223 | 9.3 | Critical | 2023-07-11 |
| CVE-2023-31190 | Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations — ds230CWE-295 | 8.1 | High | 2023-07-11 |
| CVE-2023-29156 | Denial of Service due to loss of information in DroneScout ds230 Remote ID receiver from BlueMark Innovations — ds230CWE-223 | 4.7 | Medium | 2023-07-11 |
This page lists every published CVE security advisory associated with bluemark. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.