254 matches found
CVE-2025-8736
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...
CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2025-8735
CVE-2025-8735 affects GNU cflow up to 1.8. The flaw is in the Lexer component, specifically the function yylex in the file c.c, where manipulation leads to a null pointer dereference . Exploitation requires local access, and public disclosure of the exploit is noted in the sources. The connected ...
CVE-2025-8735
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2022-42227
jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer...
CVE-2020-36458
An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResult, there is an implementation of Sync with a trait bound of T: Send, E: Send...
PT-2025-32391 · Gnu +1 · Gnu Cflow +1
Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A problematic issue exists in GNU cflow due to a null pointer dereference in the yylex function within the c.c file of the Lexer component. This issue can be exploited locally. The exploit has been...
PT-2025-32407 · Gnu +1 · Gnu Cflow +1
Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A critical vulnerability exists in GNU cflow up to version 1.8. The issue is located in the yylex function within the c.c file of the Lexer component and leads to a buffer overflow. Local access is...
RHEL 8 : python-mako (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-mako: REDoS in Lexer class CVE-2022-40023 Note that Nessus has not tested for this issue but has instead...
OSV-2024-431 Use-of-uninitialized-value in Lexer::ReadToken
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68581 Crash type: Use-of-uninitialized-value Crash state: Lexer::ReadToken Lexer::PeekToken ManifestParser::ParseRule...
OSV-2024-423 Use-of-uninitialized-value in Lexer::Error
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68680 Crash type: Use-of-uninitialized-value Crash state: Lexer::Error Parser::ExpectToken ManifestParser::ParseLet...
OSV-2024-420 Use-of-uninitialized-value in Lexer::Error
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68397 Crash type: Use-of-uninitialized-value Crash state: Lexer::Error ManifestParser::ParseRule ManifestParser::Parse...
OSV-2024-409 Use-of-uninitialized-value in Lexer::ReadToken
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68486 Crash type: Use-of-uninitialized-value Crash state: Lexer::ReadToken ManifestParser::Parse Parser::Load...
PT-2024-40764 · Git +1 · Ninja
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the following functions: Lexer::ReadToken,...
PT-2024-40757 · Git +1 · Ninja
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Lexer::ReadToken function, which is called by...
PT-2024-40762 · Git +1 · Ninja
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Lexer::Error state, specifically during the...
PT-2024-40760 · Git +1 · Ninja
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Lexer::Error function, which is called by...
pygments: ReDoS in pygments
A denial-of-service vulnerability related to regular expressions was discovered in Pygments, specifically in the file pygments/lexers/smithy.py. An attacker could exploit this flaw by sending a carefully crafted request, leading to a denial-of-service situation...
EulerOS 2.0 SP8 : python-mako (EulerOS-SA-2024-1294)
According to the versions of the python-mako packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects...