ROS-20260401-73-0047

Vulnerability in cflow related to incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2019-6985

Malware in sbrugna...

EUVD-2025-24014

Malicious code in bioql PyPI...

SUSE CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

CVE-2025-8735

A flaw was found in cflow. The yylex function in c.c exhibits a null pointer dereference due to manipulation, allowing a local attacker to trigger a denial of service via crafted input. This condition arises from improper handling of lexical analysis data. The resulting null pointer dereference c...

CVE-2025-8736

A flaw was found in cflow. The yylex function in c.c exhibits a buffer overflow vulnerability, triggered by manipulation of input data. A local attacker could exploit this issue to cause an application level denial of service. This vulnerability stems from insufficient bounds checking during...

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

CVE-2025-8736

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

CVE-2025-8735

CVE-2025-8735 affects GNU cflow up to 1.8. The flaw is in the Lexer component, specifically the function yylex in the file c.c, where manipulation leads to a null pointer dereference . Exploitation requires local access, and public disclosure of the exploit is noted in the sources. The connected ...

Linux Distros Unpatched Vulnerability : CVE-2020-23856

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-Free vulnerability in cflow 1.6 in the void callchar name, int line function at src/parser.c, which could cause a denial of service via the pointer...

PT-2025-32391 · Gnu +1 · Gnu Cflow +1

Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A problematic issue exists in GNU cflow due to a null pointer dereference in the yylex function within the c.c file of the Lexer component. This issue can be exploited locally. The exploit has been...

SUSE CVE-2019-16165

GNU cflow through 1.6 has a use-after-free in the reference function in parser.c...

USN-5375-1 cflow vulnerability

It was discovered that GNU cflow was incorrectly handling memory cleanup operations at the end of a compilation module. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

Denial Of Service (DoS)

cflow is vulnerable to denial of service. The vulnerability exists due to a use-after-free in the reference function in parser.c...

Denial Of Service (DoS)

cflow is vulnerable to denial of service. The vulnerability exists due to a Use-after-Free via the pointer variable caller-callee in cflow in the void callchar name, int line function at src/parser.c...

CVE-2020-23856

Use-after-Free vulnerability in cflow 1.6 in the void callchar name, int line function at src/parser.c, which could cause a denial of service via the pointer variable caller-callee...

CVE-2019-16165

GNU cflow through 1.6 has a use-after-free in the reference function in parser.c...