Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Creolabs Security Vulnerabilities

cve
cve

CVE-2017-1000072

Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations

9.8CVSS

9.2AI Score

0.005EPSS

2017-07-17 01:18 PM
28
cve
cve

CVE-2017-1000073

Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.

9.8CVSS

9.7AI Score

0.007EPSS

2017-07-17 01:18 PM
25
cve
cve

CVE-2017-1000074

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.

9.8CVSS

9.4AI Score

0.003EPSS

2017-07-17 01:18 PM
27
cve
cve

CVE-2017-1000075

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function

9.8CVSS

9.4AI Score

0.003EPSS

2017-07-17 01:18 PM
34
cve
cve

CVE-2017-1000172

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition...

9.8CVSS

9.5AI Score

0.01EPSS

2017-11-17 03:29 AM
36
cve
cve

CVE-2017-1000173

Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow.

9.8CVSS

9.4AI Score

0.005EPSS

2017-11-17 03:29 AM
25
cve
cve

CVE-2017-1000437

Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.

9.8CVSS

9.9AI Score

0.026EPSS

2018-01-02 11:29 PM
28
cve
cve

CVE-2018-13795

Gravity before 0.5.1 does not support a maximum recursion depth.

7.5CVSS

7.5AI Score

0.001EPSS

2018-07-09 09:29 PM
19
cve
cve

CVE-2021-32281

An issue was discovered in gravity through 0.8.1. A heap-buffer-overflow exists in the function gnode_function_add_upvalue located in gravity_ast.c. It allows an attacker to cause code Execution.

7.8CVSS

7.5AI Score

0.001EPSS

2021-09-20 04:15 PM
21
cve
cve

CVE-2021-32282

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_add_check() located in gravity_ircode.c. It allows an attacker to cause Denial of Service.

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-20 04:15 PM
21
cve
cve

CVE-2021-32283

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function gravity_string_to_value() located in gravity_value.c. It allows an attacker to cause Denial of Service.

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-20 04:15 PM
21
cve
cve

CVE-2021-32284

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_register_pop_context_protect() located in gravity_ircode.c. It allows an attacker to cause Denial of Service.

7.8CVSS

7.4AI Score

0.001EPSS

2021-09-20 04:15 PM
21
cve
cve

CVE-2021-32285

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function list_iterator_next() located in gravity_core.c. It allows an attacker to cause Denial of Service.

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-20 04:15 PM
22