Filtered by vendor Gnu Subscriptions
Filtered by product Cflow Subscriptions

Search

Switch to Advanced Search (Beta)
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-8736 1 Gnu 1 Cflow 2025-08-12 5.3 Medium
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVE-2025-8735 1 Gnu 1 Cflow 2025-08-12 3.3 Low
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2023-2789 1 Gnu 1 Cflow 2024-11-21 3.5 Low
A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2020-23856 2 Fedoraproject, Gnu 2 Fedora, Cflow 2024-11-21 5.5 Medium
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
CVE-2019-16166 1 Gnu 1 Cflow 2024-11-21 6.5 Medium
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
CVE-2019-16165 1 Gnu 1 Cflow 2024-11-21 6.5 Medium
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c.