CVE-2025-8735 | GNU cflow up to 1.8 Lexer c.c yylex null pointer dereference

Inserito da Angelo Barbosa | Ago 8, 2025 | CVE

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference.

This vulnerability is known as CVE-2025-8735. An attack has to be approached locally. Furthermore, there is an exploit available.

CVE-2025-8735 | GNU cflow up to 1.8 Lexer c.c yylex null pointer dereference

Post correlati

CVE-2024-0589 | Devolutions Remote Desktop Manager up to 2023.3.36 on Windows Entry cross site scripting (DEVO-2024-0001)

CVE-2025-46002 | Filemanager up to 2.5.0 HTTP Request filemanager.php path traversal (Exploit 38945 / EDB-38945)

CVE-2024-7752 | SourceCodester Clinics Patient Management System 1.0 /update_medicine.php medicine_name cross site scripting

CVE-2024-43111 | Mozilla Firefox up to 128 on iOS Download Link cross site scripting