Skip to main content

Flex

3 CVEs product

Monthly

CVE-2019-6293 MEDIUM POC This Month

An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Flex
NVD GitHub
CVSS 3.0
5.5
EPSS
1.6%
CVE-2016-6354 CRITICAL PATCH Act Now

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 37.7%.

Denial Of Service RCE Buffer Overflow Debian Linux Flex
NVD GitHub
CVSS 3.0
9.8
EPSS
37.7%
CVE-2015-1773 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html in Apache Flex before 4.14.1 allows remote attackers to inject arbitrary web script or HTML by providing a crafted URI to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Apache Flex
NVD
CVSS 2.0
4.3
EPSS
1.3%
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Flex
NVD GitHub
EPSS 38% CVSS 9.8
CRITICAL PATCH Act Now

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 37.7%.

Denial Of Service RCE Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html in Apache Flex before 4.14.1 allows remote attackers to inject arbitrary web script or HTML by providing a crafted URI to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Apache Flex
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy