Gravity Gtd
by Gravity Gtd
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-32284 | Hig | 0.51 | 7.8 | 0.01 | Sep 20, 2021 | An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_register_pop_context_protect() located in gravity_ircode.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2021-32281 | Hig | 0.51 | 7.8 | 0.01 | Sep 20, 2021 | An issue was discovered in gravity through 0.8.1. A heap-buffer-overflow exists in the function gnode_function_add_upvalue located in gravity_ast.c. It allows an attacker to cause code Execution. | ||
| CVE-2021-32285 | Med | 0.36 | 5.5 | 0.01 | Sep 20, 2021 | An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function list_iterator_next() located in gravity_core.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2021-32283 | Med | 0.36 | 5.5 | 0.01 | Sep 20, 2021 | An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function gravity_string_to_value() located in gravity_value.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2021-32282 | Med | 0.36 | 5.5 | 0.01 | Sep 20, 2021 | An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_add_check() located in gravity_ircode.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2008-5963 | 0.03 | — | 0.03 | Jan 23, 2009 | Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter. | |||
| CVE-2008-5962 | 0.03 | — | 0.02 | Jan 23, 2009 | Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the objectname parameter. |
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_register_pop_context_protect() located in gravity_ircode.c. It allows an attacker to cause Denial of Service.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in gravity through 0.8.1. A heap-buffer-overflow exists in the function gnode_function_add_upvalue located in gravity_ast.c. It allows an attacker to cause code Execution.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function list_iterator_next() located in gravity_core.c. It allows an attacker to cause Denial of Service.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function gravity_string_to_value() located in gravity_value.c. It allows an attacker to cause Denial of Service.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_add_check() located in gravity_ircode.c. It allows an attacker to cause Denial of Service.
- CVE-2008-5963Jan 23, 2009risk 0.03cvss —epss 0.03
Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter.
- CVE-2008-5962Jan 23, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the objectname parameter.