Lucene search
K

254 matches found

AlpineLinux
AlpineLinux
added 2025/08/08 7:2 p.m.3 views

CVE-2025-8736

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS7.3AI score0.0016EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/08 6:32 p.m.12 views

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS0.00145EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/08/08 6:32 p.m.4 views

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS4.3AI score0.00145EPSS
Exploits0References6
CVE
CVE
added 2025/08/08 6:32 p.m.36 views

CVE-2025-8735

CVE-2025-8735 affects GNU cflow up to 1.8. The flaw is in the Lexer component, specifically the function yylex in the file c.c, where manipulation leads to a null pointer dereference . Exploitation requires local access, and public disclosure of the exploit is noted in the sources. The connected ...

4.8CVSS3.9AI score0.00145EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/08/08 6:32 p.m.4 views

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS3.3AI score0.00145EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:53 p.m.5 views

CVE-2022-42227

jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer...

7.5CVSS6.8AI score0.00909EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:31 p.m.4 views

CVE-2020-36458

An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResult, there is an implementation of Sync with a trait bound of T: Send, E: Send...

8.1CVSS6.8AI score0.00833EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.8 views

PT-2025-32391 · Gnu +1 · Gnu Cflow +1

Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A problematic issue exists in GNU cflow due to a null pointer dereference in the yylex function within the c.c file of the Lexer component. This issue can be exploited locally. The exploit has been...

4.8CVSS4.3AI score0.00145EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2025-32407 · Gnu +1 · Gnu Cflow +1

Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A critical vulnerability exists in GNU cflow up to version 1.8. The issue is located in the yylex function within the c.c file of the Lexer component and leads to a buffer overflow. Local access is...

5.3CVSS5.4AI score0.0016EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.12 views

RHEL 8 : python-mako (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-mako: REDoS in Lexer class CVE-2022-40023 Note that Nessus has not tested for this issue but has instead...

7.5CVSS6.9AI score0.01718EPSS
Exploits1References1
OSV
OSV
added 2024/05/05 12:14 a.m.11 views

OSV-2024-431 Use-of-uninitialized-value in Lexer::ReadToken

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68581 Crash type: Use-of-uninitialized-value Crash state: Lexer::ReadToken Lexer::PeekToken ManifestParser::ParseRule...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/05/05 12:12 a.m.11 views

OSV-2024-423 Use-of-uninitialized-value in Lexer::Error

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68680 Crash type: Use-of-uninitialized-value Crash state: Lexer::Error Parser::ExpectToken ManifestParser::ParseLet...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/05/05 12:6 a.m.8 views

OSV-2024-420 Use-of-uninitialized-value in Lexer::Error

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68397 Crash type: Use-of-uninitialized-value Crash state: Lexer::Error ManifestParser::ParseRule ManifestParser::Parse...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/05/05 12:2 a.m.7 views

OSV-2024-409 Use-of-uninitialized-value in Lexer::ReadToken

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68486 Crash type: Use-of-uninitialized-value Crash state: Lexer::ReadToken ManifestParser::Parse Parser::Load...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/05 12:0 a.m.4 views

PT-2024-40764 · Git +1 · Ninja

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the following functions: Lexer::ReadToken,...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/05 12:0 a.m.4 views

PT-2024-40757 · Git +1 · Ninja

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Lexer::ReadToken function, which is called by...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/05 12:0 a.m.2 views

PT-2024-40762 · Git +1 · Ninja

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Lexer::Error state, specifically during the...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/05 12:0 a.m.5 views

PT-2024-40760 · Git +1 · Ninja

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Lexer::Error function, which is called by...

6.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/04/23 5:18 p.m.3 views

pygments: ReDoS in pygments

A denial-of-service vulnerability related to regular expressions was discovered in Pygments, specifically in the file pygments/lexers/smithy.py. An attacker could exploit this flaw by sending a carefully crafted request, leading to a denial-of-service situation...

5.5CVSS7.2AI score0.00503EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.29 views

EulerOS 2.0 SP8 : python-mako (EulerOS-SA-2024-1294)

According to the versions of the python-mako packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects...

7.5CVSS7.5AI score0.01718EPSS
Exploits1References2
Rows per page
Query Builder