52 matches found
PT-2024-40821 · Jflex · Jflex
Name of the Vulnerable Software and Affected Versions: jflex affected versions not specified Description: A security exception crash has been reported. The crash occurs in the jflex.core.NFA.insertNFA function, which is called by java.base/java.lang.ClassLoader.defineClass1 and...
OSV-2024-567 Security exception in jflex.core.NFA.insertNFA
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69587 Crash type: Security exception Crash state: jflex.core.NFA.insertNFA jflex.core.unicode.IntCharSet.indexOf jflex.core.unicode.IntCharSet.contains...
CVE-2023-21352
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21353
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21353
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Out-of-bounds
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Out-of-bounds
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21352
CVE-2023-21352 affects NFA and is caused by a missing bounds check leading to an out-of-bounds read. This can result in local information disclosure without additional execution privileges, and exploitation does not require user interaction, per the provided description. Connected sources corrobo...
CVE-2023-21353
CVE-2023-21353 affects a component labeled NFA in Android, where a missing bounds check can cause an out-of-bounds read. The resulting vulnerability leads to remote information disclosure without requiring privileges or user interaction. Documents consistently describe the impact as information d...
CVE-2023-21352
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21353
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21352
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21353
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
OSV-2023-636 Security exception in jflex.core.NFA.insertNFA
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61028 Crash type: Security exception Crash state: jflex.core.NFA.insertNFA jflex.core.NFA.insertNFA jflex.core.NFA.insertNFA...
SUSE CVE-2019-6293
An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...
CVE-2022-20147
In nfadmchecksetconfig of nfadmmain.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
Sql injection
CA Network Flow Analysis NFA 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data...
CVE-2021-44050
CVE-2021-44050 concerns Broadcom CA Network Flow Analysis (NFA) version 21.2.1 and earlier. The connected sources specify a SQL injection vulnerability in the NFA web application caused by insufficient input validation, with an impact of potentially exposing sensitive data to an authenticated use...
CVE-2020-27051
In NFARwI93WriteMultipleBlocks of nfarwapi.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Andro...
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.
...