cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-2789,https://securityvulnerability.io/vulnerability/CVE-2023-2789,GNU cflow parser.c parse_variable_declaration denial of service,"In GNU cflow version 1.7, a vulnerability has been identified in the `func_body/parse_variable_declaration` function within the `parser.c` file. This vulnerability can be exploited to induce a denial of service, affecting the availability of the application. The issue has been publicly disclosed, and the vendor was notified prior to this disclosure but did not provide a response. Users are advised to pay attention to potential exposure to this vulnerability.",GNU,cflow,7.5,HIGH,0.0018500000005587935,false,,false,false,false,,,false,false,,2023-05-18T13:15:00.000Z,0
CVE-2020-23856,https://securityvulnerability.io/vulnerability/CVE-2020-23856,Use-after-Free Vulnerability in cflow by GNU,"A Use-after-Free vulnerability exists in cflow 1.6, specifically within the void call(char *name, int line) function located at src/parser.c. This flaw arises from the misuse of a pointer variable, caller->callee, which can be exploited to trigger a denial of service condition. Attackers may manipulate memory access, leading to unexpected behaviors and potential crashes of the application.",Gnu,Cflow,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2021-05-18T14:41:03.000Z,0
CVE-2019-16165,https://securityvulnerability.io/vulnerability/CVE-2019-16165,Use-After-Free Vulnerability in GNU cflow Affects Multiple Versions,"GNU cflow versions up to 1.6 are susceptible to a use-after-free vulnerability located in the reference function within parser.c. This flaw can potentially be exploited by attackers to execute arbitrary code or cause unexpected behavior in the software, highlighting the importance of timely updates and patches to safeguard against potential threats. Users should prioritize upgrading to the latest version to mitigate this risk.",Gnu,Cflow,6.5,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2019-09-09T15:37:49.000Z,0
CVE-2019-16166,https://securityvulnerability.io/vulnerability/CVE-2019-16166,Heap-based Buffer Over-read in GNU cflow by GNU,"The GNU cflow tool version 1.6 is susceptible to a heap-based buffer over-read in its nexttoken function located in parser.c. This vulnerability may allow an attacker to exploit the affected application, possibly leading to unauthorized data access or application instability. Proper coding practices and input validation measures should be undertaken to mitigate such vulnerabilities.",Gnu,Cflow,6.5,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2019-09-09T15:37:41.000Z,0