14 matches found
CVE-2026-40504
CVE-2026-40504 affects Creolabs Gravity prior to 0.9.6. A heap buffer overflow in gravity_vm_exec can be triggered by scripts containing many string literals at global scope, with insufficient bounds checking in gravity_fiber_reassign() that can corrupt heap metadata and lead to arbitrary code ex...
EUVD-2018-5733
Malware in sbrugna...
EUVD-2021-19138
Malware in sbrugna...
CVE-2021-32285
An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function listiteratornext located in gravitycore.c. It allows an attacker to cause Denial of Service...
gravity code issue vulnerability
Gravity is a powerful, dynamically typed, lightweight, embedded programming language written in C. A null pointer dereference vulnerability exists in the listiteratornext function in gravitycore.c in Gravity 0.8.1 and earlier versions. An attacker could exploit this vulnerability to cause a denia...
Creolabs Gravity 'operator_string_add' function stack buffer overflow vulnerability
Creolabs Gravity is an open source lightweight embedded programming language from Creolabs, Italy. The language supports procedural programming, object-oriented programming, functional programming and data-driven programming. A stack buffer overflow vulnerability exists in the 'operator_string_add'...
Design/Logic Flaw
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
Heap overflow
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop while pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...
CVE-2017-1000172
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
CVE-2017-1000172
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
CVE-2017-1000075
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function...
CVE-2017-1000074
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the stringrepeat function...
CVE-2017-1000074
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the stringrepeat function...
CVE-2017-1000075
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function...