Vulnerabilities > Auvesy > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2021-38461 | Use of Hard-coded Credentials vulnerability in Auvesy Versiondog The affected product uses a hard-coded blowfish key for encryption/decryption processes. | 8.2 |
| 2021-10-22 | CVE-2021-38463 | Allocation of Resources Without Limits or Throttling vulnerability in Auvesy Versiondog The affected product does not properly control the allocation of resources. | 8.1 |
| 2021-10-22 | CVE-2021-38467 | Unspecified vulnerability in Auvesy Versiondog A specific function code receives a raw pointer supplied by the user and deallocates this pointer. | 8.1 |
| 2021-10-22 | CVE-2021-38469 | Unspecified vulnerability in Auvesy Versiondog Many of the services used by the affected product do not specify full paths for the DLLs they are loading. | 7.1 |
| 2021-10-22 | CVE-2021-38473 | Out-of-bounds Write vulnerability in Auvesy Versiondog The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow. | 8.8 |
| 2021-10-22 | CVE-2021-38475 | Unspecified vulnerability in Auvesy Versiondog The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions. | 8.8 |
| 2021-10-22 | CVE-2021-38479 | Unspecified vulnerability in Auvesy Versiondog Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. | 7.5 |