Lucene search
K
CreolabsGravity

13 matches found

CVE
CVE
added 2017/11/17 3:0 a.m.60 views

CVE-2017-1000172

Creolabs Gravity 1.0 is affected by a Heap Use-After-Free in gravity_lexer.c (line 542) where the sublexer pointer is freed but still used via lexer , enabling possible code execution. This vulnerability is documented across multiple sources (NVD, Red Hat, CNVD, CNVD-like listings). The available...

9.8CVSS9.5AI score0.02437EPSS
CVE
CVE
added 2017/07/13 8:0 p.m.51 views

CVE-2017-1000075

Creolabs Gravity 1.0 is vulnerable to a stack/buffer overflow in the memcmp function. CNVD-2017-27179 describes a buffer overflow in memcmp for Gravity 1.0, with an attacker able to exploit this vulnerability to terminate a process (infinite loop). No remediation details are provided in the conne...

9.8CVSS9.4AI score0.02049EPSS
CVE
CVE
added 2018/01/02 11:0 p.m.48 views

CVE-2017-1000437

Creolabs Gravity 1.0 is affected by a stack-based buffer overflow in the operator_string_add function that can lead to remote code execution. Multiple sources (NVD, CNVD/PRION/CVELIST) corroborate this vulnerability in Gravity 1.0, with the flaw located in the operator_string_add path and describ...

9.8CVSS9.9AI score0.038EPSS
CVE
CVE
added 2017/07/13 8:0 p.m.46 views

CVE-2017-1000072

Creolabs Gravity 1.0 is affected by a Double Free in the gravity_value function. The root cause is a double-free condition that can lead to modification of memory locations. The CVE entry confirms this for Creolabs Gravity, with an impact described as potential memory corruption. No exploitation ...

9.8CVSS9.2AI score0.02123EPSS
CVE
CVE
added 2021/09/20 3:26 p.m.46 views

CVE-2021-32282

CVE-2021-32282 affects Gravity up to 0.8.1. A NULL pointer dereference in ircode_add_check() (gravity_ircode.c) can lead to Denial of Service. The vulnerability is documented across multiple sources in the connected set, confirming the affected component/file and the impact. No exploit or detaile...

5.5CVSS5.4AI score0.00635EPSS
CVE
CVE
added 2017/07/13 8:0 p.m.45 views

CVE-2017-1000073

Creolabs Gravity 1.0 is affected by a heap overflow in an undisclosed component, enabling arbitrary code execution. This is documented across multiple sources (e.g., NVD/CNVD entries). No specific vulnerable function, module, or exploit details are provided in the supplied documents. The CVE is a...

9.8CVSS9.7AI score0.02931EPSS
CVE
CVE
added 2017/11/17 3:0 a.m.44 views

CVE-2017-1000173

Creolabs Gravity 1.0 is affected by a heap-buffer-overflow vulnerability. The issue arises from constructing a large loop that pushes data into a buffer, allowing an out-of-bounds read when list.join is invoked, breaking bounds checking and triggering potential code execution. The CVE details exp...

9.8CVSS9.4AI score0.02462EPSS
CVE
CVE
added 2021/09/20 3:26 p.m.44 views

CVE-2021-32281

The CVE-2021-32281 issue affects the Gravity language (versions up to and including 0.8.1). A heap-buffer-overflow is located in the function gnode_function_add_upvalue within gravity_ast.c, which can allow an attacker to achieve code execution. The available connected documents confirm the affec...

7.8CVSS7.5AI score0.01052EPSS
CVE
CVE
added 2021/09/20 3:26 p.m.44 views

CVE-2021-32284

Gravity up to 0.8.1 contains a NULL pointer dereference in ircode_register_pop_context_protect() (gravity_ircode.c), allowing an attacker to cause a Denial of Service. This CVE (CVE-2021-32284) is described across multiple sources (NVD, CNVD, Red Hat, OSV, CNVD). Affected versions: Gravity 0.8.1 ...

7.8CVSS7.4AI score0.00764EPSS
CVE
CVE
added 2017/07/13 8:0 p.m.43 views

CVE-2017-1000074

Creolabs Gravity 1.0 is affected by a stack overflow in the string_repeat() function. CNVD-2017-27180 & NVD/NVD-derived entries describe a stack buffer overflow in string_repeat() that can allow memory corruption and control of program memory. Details across connected sources confirm the affected...

9.8CVSS9.4AI score0.01976EPSS
CVE
CVE
added 2021/09/20 3:26 p.m.43 views

CVE-2021-32285

CVE-2021-32285 affects Gravity up to version 0.8.1. A NULL pointer dereference in the function list_iterator_next() (gravity_core.c) can lead to Denial of Service. The linked sources confirm the vulnerability details and impact but do not provide specific exploit code, affected platforms, or a co...

5.5CVSS5.4AI score0.00635EPSS
CVE
CVE
added 2018/07/09 9:0 p.m.40 views

CVE-2018-13795

CVE-2018-13795 affects Gravity prior to 0.5.1. The issue is described as: Gravity before 0.5.1 does not support a maximum recursion depth. Connected sources list Gravity-specific references with this description; no additional technical details (root cause, affected versions beyond the pre-0.5.1 ...

7.5CVSS7.5AI score0.01456EPSS
CVE
CVE
added 2021/09/20 3:26 p.m.39 views

CVE-2021-32283

CVE-2021-32283 affects the Gravity project up to version 0.8.1. The vulnerability is a NULL pointer dereference in the function gravity_string_to_value() in gravity_value.c, which can lead to Denial of Service . Exploit status, impact scope, and remediation details are not provided in the supplie...

5.5CVSS5.4AI score0.00635EPSS