46 matches found
EUVD-2017-1454
Malware in sbrugna...
EUVD-2017-1389
Malware in sbrugna...
EUVD-2017-1391
Malware in sbrugna...
EUVD-2017-1568
Malware in sbrugna...
EUVD-2017-1390
Malware in sbrugna...
EUVD-2017-1392
Malware in sbrugna...
CVE-2017-1000172
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
CVE-2017-1000173
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...
Creolabs Gravity 'operator_string_add' function stack buffer overflow vulnerability
Creolabs Gravity is an open source lightweight embedded programming language from Creolabs, Italy. The language supports procedural programming, object-oriented programming, functional programming and data-driven programming. A stack buffer overflow vulnerability exists in the 'operatorstringadd'...
CVE-2017-1000437
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operatorstringadd function, resulting in remote code execution...
Stack overflow
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operatorstringadd function, resulting in remote code execution...
CVE-2017-1000437
Creolabs Gravity 1.0 is affected by a stack-based buffer overflow in the operator_string_add function that can lead to remote code execution. Multiple sources (NVD, CNVD/PRION/CVELIST) corroborate this vulnerability in Gravity 1.0, with the flaw located in the operator_string_add path and describ...
CVE-2017-1000437
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operatorstringadd function, resulting in remote code execution...
Creolabs Gravity Heap Buffer Overflow Vulnerability
Creolabs Gravity is an open source lightweight embedded programming language from Creolabs, Italy. The language supports procedural programming, object-oriented programming, functional programming and data-driven programming. A heap buffer overflow vulnerability exists in Creolabs Gravity version...
Creolabs Gravity Memory Misreference Vulnerability
Creolabs Gravity is an open source lightweight embedded programming language from Creolabs, Italy. The language supports procedural programming, object-oriented programming, functional programming and data-driven programming. A memory misreference vulnerability exists in Creolabs Gravity version...
Design/Logic Flaw
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
CVE-2017-1000173
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...
CVE-2017-1000172
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
Heap overflow
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...
CVE-2017-1000172
Creolabs Gravity 1.0 is affected by a Heap Use-After-Free in gravity_lexer.c (line 542) where the sublexer pointer is freed but still used via lexer , enabling possible code execution. This vulnerability is documented across multiple sources (NVD, Red Hat, CNVD, CNVD-like listings). The available...