Lucene search
+L
Picoc ProjectPicoc

12 matches found

CVE
CVE
added 2022/11/08 12:0 a.m.66 views

CVE-2022-44318

CVE-2022-44318 affects PicoC 3.2.2, with a heap buffer overflow in the StringStrcat function (stdlib/string.c) when invoked via ExpressionParseFunctionCall. Root cause: improper handling during string concatenation leading to a heap overflow. Impact stated as availability-related (HIGH) in CVSS d...

5.5CVSS5.7AI score0.0033EPSS
CVE
CVE
added 2022/07/28 10:50 p.m.63 views

CVE-2022-34556

PicoC 3.2.2 contains a NULL pointer dereference in variable.c, causing crashes (denial of service potential). The CVE entry notes PicoC v3.2.2 as vulnerable due to a NULL dereference; Red Hat and CNVD/CNNVD entries reiterate the issue. A dedicated exploit demonstrating the NULL pointer dereferenc...

5.5CVSS5.5AI score0.0031EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.63 views

CVE-2022-44316

PicoC 3.2.2 is affected by a heap buffer overflow in LexGetStringConstant (lex.c) when invoked via LexScanGetToken. This CVE (CVE-2022-44316) is documented across multiple sources (NVD, Red Hat, OSV, CNNVD, etc.). The issue arises within the LexGetStringConstant routine and results in a high impa...

5.5CVSS5.7AI score0.00312EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.63 views

CVE-2022-44317

CVE-2022-44317 affects PicoC 3.2.2. A heap buffer overflow occurs in the StdioOutPutc function in stdlib/stdio.c when called from ExpressionParseFunctionCall. CVSS metrics in the initial record show a base score of 5.5 (Medium) with LOCAL attack vector, LOW attack complexity, no privileges requir...

5.5CVSS5.7AI score0.00312EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.63 views

CVE-2022-44320

PicoC 3.2.2 contains a heap buffer overflow in the ExpressionCoerceFP function (expression.c) when called from ExpressionParseFunctionCall. Root cause: overflow in heap handling within the interpreter’s expression parsing. Reported impact includes availability impact (possible crash) with CVSS: L...

5.5CVSS5.8AI score0.00312EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.62 views

CVE-2022-44319

PicoC 3.2.2 is affected by a heap buffer overflow in StdioBasePrintf (stdlib/string.c) triggered when called via ExpressionParseFunctionCall. Documented impact and details: CVE-2022-44319 with CVSS v3.1 metrics showing a local attacker can cause high availability impact; base score 5.5 (Medium), ...

5.5CVSS5.8AI score0.00312EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.61 views

CVE-2022-44315

CVE-2022-44315 affects PicoC 3.2.2. The vulnerability is a heap buffer overflow in ExpressionAssign (expression.c) when invoked via ExpressionParseFunctionCall. The provided documents describe the issue’s root cause and affected component but do not provide a patch version or remediation steps. P...

5.5CVSS5.7AI score0.00312EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.61 views

CVE-2022-44321

The CVE-2022-44321 entry covers a heap buffer overflow in PicoC 3.2.2, occurring in LexSkipComment (lex.c) when invoked via LexScanGetToken. This is a local issue (AV:L, AC:L, PR:N, UI:R) with a Medium base score (5.5) and Availability impact listed as High; exploitation status is not provided in...

5.5CVSS5.7AI score0.00314EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.57 views

CVE-2022-44312

CVE-2022-44312 affects PicoC version 3.2.2, with a heap buffer overflow in the ExpressionCoerceInteger function (expression.c) when invoked via ExpressionInfixOperator. The issue is documented across multiple sources and has a CVSSv3.1 base score of 5.5 (Medium, Local, Availability impact). A pat...

5.5CVSS5.8AI score0.00325EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.55 views

CVE-2022-44313

CVE-2022-44313 affects PicoC 3.2.2 with a heap buffer overflow in ExpressionCoerceUnsignedInteger (expression.c) when invoked via ExpressionParseFunctionCall. Public details shown in multiple sources indicate Local access, Low attack complexity, User interaction required, and Availability impact ...

5.5CVSS5.7AI score0.00312EPSS
CVE
CVE
added 2022/11/08 12:0 a.m.55 views

CVE-2022-44314

PicoC 3.2.2 contains a heap buffer overflow in StringStrncpy in cstdlib/string.c when invoked via ExpressionParseFunctionCall. Descriptions across multiple sources indicate this boundary/overflow can be triggered by processing untrusted input, with the consequence described as a denial of service...

5.5CVSS5.7AI score0.00312EPSS
CVE
CVE
added 2019/09/13 11:7 a.m.54 views

CVE-2019-16277

PicoC 2.1 is affected by CVE-2019-16277 due to a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when invoked from ExpressionParseFunctionCall in expression.c. The Red Hat entry confirms impact on PicoC 2.1; other references consistently describe the same issue. No exploit or mitig...

7.8CVSS7.8AI score0.00891EPSS