Lucene search
K

96 matches found

OSV
OSV
added 2025/08/08 7:15 p.m.6 views

CVE-2025-8736

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS5.6AI score
Exploits0References6
OSV
OSV
added 2025/08/08 7:15 p.m.2 views

DEBIAN-CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS3.3AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2025/08/08 7:15 p.m.10 views

UBUNTU-CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS4.7AI score0.00133EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/08/08 7:2 p.m.3 views

CVE-2025-8736 GNU cflow Lexer c.c yylex buffer overflow

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS5.6AI score0.00147EPSS
Exploits0References6
CVE
CVE
added 2025/08/08 7:2 p.m.31 views

CVE-2025-8736

CVE-2025-8736 affects GNU cflow up to version 1.8. The vulnerability is in the Lexer’s yylex function in c.c and leads to a buffer overflow. Exploitation requires local access. Publicly disclosed exploit details are noted in the available sources. The provided connected documents confirm the affe...

5.3CVSS5.3AI score0.00147EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/08 7:2 p.m.12 views

CVE-2025-8736 GNU cflow Lexer c.c yylex buffer overflow

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS0.00147EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/08/08 7:2 p.m.10 views

CVE-2025-8736

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS5.2AI score0.00147EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/08/08 7:2 p.m.3 views

CVE-2025-8736

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS7.3AI score0.00147EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/08/08 6:32 p.m.4 views

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS4.3AI score0.00133EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/08 6:32 p.m.12 views

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS0.00133EPSS
Exploits0References6
CVE
CVE
added 2025/08/08 6:32 p.m.36 views

CVE-2025-8735

CVE-2025-8735 affects GNU cflow up to 1.8. The flaw is in the Lexer component, specifically the function yylex in the file c.c, where manipulation leads to a null pointer dereference . Exploitation requires local access, and public disclosure of the exploit is noted in the sources. The connected ...

4.8CVSS3.9AI score0.00133EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/08/08 6:32 p.m.4 views

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS3.3AI score0.00133EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/08/08 6:32 p.m.3 views

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

4.8CVSS7.2AI score0.00133EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.4 views

GNU cflow 安全漏洞

GNU cflow is a flowchart generator for the US GNU community that reads C source files and generates externally referenced flowcharts. A buffer overflow vulnerability exists in GNU cflow version 1.8 and earlier, which originates from a boundary error when the application handles untrusted input. A...

5.3CVSS7.9AI score0.00147EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.4 views

GNU cflow 安全漏洞

GNU cflow is a flowchart generator from the US GNU community that reads C source files and generates externally referenced flowcharts. A security vulnerability exists in GNU cflow version 1.8 and earlier, which stems from a null pointer dereference problem...

4.8CVSS4.2AI score0.00133EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-23856

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-Free vulnerability in cflow 1.6 in the void callchar name, int line function at src/parser.c, which could cause a denial of service via the pointer...

5.5CVSS6.1AI score0.0042EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2019-16165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU cflow through 1.6 has a use-after-free in the reference function in parser.c. CVE-2019-16165 Note that Nessus relies on the presence of the package as...

6.5CVSS6.4AI score0.01114EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2025-32391 · Gnu +1 · Gnu Cflow +1

Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A problematic issue exists in GNU cflow due to a null pointer dereference in the yylex function within the c.c file of the Lexer component. This issue can be exploited locally. The exploit has been...

4.8CVSS4.3AI score0.00133EPSS
Exploits0References17
OSV
OSV
added 2024/06/15 12:0 a.m.14 views

OPENSUSE-SU-2024:11709-1 cflow-1.7-1.1 on GA media

These are all security issues fixed in the cflow-1.7-1.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS6.5AI score0.01114EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.28 views

Ubuntu 16.04 ESM / 18.04 ESM : GNU cflow vulnerability (USN-5375-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5375-1 advisory. It was discovered that GNU cflow was incorrectly handling memory cleanup operations at the end of a compilation module. An attacker could possibly use...

6.5CVSS6.8AI score0.01114EPSS
Exploits0References2
Rows per page
Query Builder