Vulnerabilities > Auvesy > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2021-38453 | External Control of System or Configuration Setting vulnerability in Auvesy Versiondog Some API functions allow interaction with the registry, which includes reading values as well as data modification. | 6.4 |
| 2021-10-22 | CVE-2021-38455 | Improper Input Validation vulnerability in Auvesy Versiondog The affected product’s OS Service does not verify any given parameter. | 4.0 |
| 2021-10-22 | CVE-2021-38465 | Allocation of Resources Without Limits or Throttling vulnerability in Auvesy Versiondog The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. | 6.5 |
| 2021-10-22 | CVE-2021-38467 | Use After Free vulnerability in Auvesy Versiondog A specific function code receives a raw pointer supplied by the user and deallocates this pointer. | 5.5 |
| 2021-10-22 | CVE-2021-38469 | Uncontrolled Search Path Element vulnerability in Auvesy Versiondog Many of the services used by the affected product do not specify full paths for the DLLs they are loading. | 4.3 |
| 2021-10-22 | CVE-2021-38471 | Unrestricted Upload of File with Dangerous Type vulnerability in Auvesy Versiondog There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files. | 6.4 |
| 2021-10-22 | CVE-2021-38473 | Out-of-bounds Write vulnerability in Auvesy Versiondog The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow. | 6.5 |
| 2021-10-22 | CVE-2021-38477 | External Control of File Name or Path vulnerability in Auvesy Versiondog There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files. | 6.4 |
| 2021-10-22 | CVE-2021-38479 | Out-of-bounds Write vulnerability in Auvesy Versiondog Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. | 5.0 |