VYPR
Vendor

Avalanche

Products
3
CVEs
11
Across products
11
Status
Private

Products

3

Recent CVEs

11
  • CVE-2023-46264CriDec 19, 2023
    risk 0.71cvss 9.8epss 0.90

    An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.

  • CVE-2023-46263CriDec 19, 2023
    risk 0.70cvss 9.8epss 0.82

    An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution.

  • CVE-2023-46217CriDec 19, 2023
    risk 0.67cvss 9.8epss 0.36

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

  • CVE-2023-46261CriDec 19, 2023
    risk 0.65cvss 9.8epss 0.11

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

  • CVE-2023-46220CriDec 19, 2023
    risk 0.65cvss 9.8epss 0.11

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

  • CVE-2023-46265CriDec 19, 2023
    risk 0.64cvss 9.8epss 0.04

    An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery (SSRF).

  • CVE-2023-46223CriDec 19, 2023
    risk 0.64cvss 9.8epss 0.07

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

  • CVE-2023-46222CriDec 19, 2023
    risk 0.64cvss 9.8epss 0.07

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

  • CVE-2023-46221CriDec 19, 2023
    risk 0.64cvss 9.8epss 0.07

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

  • CVE-2023-46804HigDec 19, 2023
    risk 0.49cvss 7.5epss 0.04

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).

  • CVE-2023-46803HigDec 19, 2023
    risk 0.49cvss 7.5epss 0.04

    An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).