Lucene search
+L

16 matches found

cve
cve
added 2026/04/16 1:10 a.m.20 views

CVE-2026-40504

CVE-2026-40504 affects Creolabs Gravity prior to 0.9.6. A heap buffer overflow in gravity_vm_exec can be triggered by scripts containing many string literals at global scope, with insufficient bounds checking in gravity_fiber_reassign() that can corrupt heap metadata and lead to arbitrary code ex...

9.8CVSS6.6AI score0.0064EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-5733

Malware in sbrugna...

7.5CVSS7.6AI score0.01456EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19138

Malware in sbrugna...

5.5CVSS5.5AI score0.00635EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 7:44 p.m.5 views

CVE-2021-32285

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function listiteratornext located in gravitycore.c. It allows an attacker to cause Denial of Service...

5.5CVSS6.8AI score0.00635EPSS
Exploits1References1
attackerkb
attackerkb
added 2021/09/20 4:15 p.m.3 views

CVE-2021-32284

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircoderegisterpopcontextprotect located in gravityircode.c. It allows an attacker to cause Denial of Service...

7.8CVSS7AI score0.00764EPSS
Exploits1References2
attackerkb
attackerkb
added 2021/09/20 4:15 p.m.5 views

CVE-2021-32282

An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircodeaddcheck located in gravityircode.c. It allows an attacker to cause Denial of Service...

5.5CVSS6.2AI score0.00635EPSS
Exploits1References2
cnnvd
cnnvd
added 2021/09/20 12:0 a.m.2 views

gravity 代码问题漏洞

Gravity is a powerful, dynamically typed, lightweight, embedded programming language written in C. A null pointer dereference vulnerability exists in the listiteratornext function in gravitycore.c in Gravity 0.8.1 and earlier versions. An attacker could exploit this vulnerability to cause a denia...

5.5CVSS5.8AI score0.00635EPSS
Exploits1References2
cnvd
cnvd
added 2018/01/03 12:0 a.m.6 views

Creolabs Gravity 'operator_string_add' function stack buffer overflow vulnerability

Creolabs Gravity is an open source lightweight embedded programming language from Creolabs, Italy. The language supports procedural programming, object-oriented programming, functional programming and data-driven programming. A stack buffer overflow vulnerability exists in the 'operatorstringadd'...

9.8CVSS7.6AI score0.038EPSS
Exploits1References1
prion
prion
added 2017/11/17 3:29 a.m.15 views

Design/Logic Flaw

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...

7.5CVSS9.5AI score0.02437EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2017/11/17 3:29 a.m.44 views

CVE-2017-1000172

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...

9.8CVSS9.6AI score0.02437EPSS
Exploits1References1
prion
prion
added 2017/11/17 3:29 a.m.16 views

Heap overflow

Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...

7.5CVSS9.4AI score0.02462EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2017/11/17 3:0 a.m.30 views

CVE-2017-1000172

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...

9.6AI score0.02437EPSS
Exploits1References1
osv
osv
added 2017/07/17 1:18 p.m.2 views

CVE-2017-1000074

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the stringrepeat function...

9.8CVSS5.8AI score0.01976EPSS
Exploits1References1
nvd
nvd
added 2017/07/17 1:18 p.m.13 views

CVE-2017-1000075

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function...

9.8CVSS9.6AI score0.02049EPSS
Exploits1References1
cvelist
cvelist
added 2017/07/13 8:0 p.m.15 views

CVE-2017-1000074

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the stringrepeat function...

9.6AI score0.01976EPSS
Exploits1References1
cvelist
cvelist
added 2017/07/13 8:0 p.m.19 views

CVE-2017-1000075

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function...

9.6AI score0.02049EPSS
Exploits1References1
Rows per page
Query Builder