6 matches found
ndpi:fuzz_process_packet: Use-of-uninitialized-value in ndpi_fill_protocol_category
Project: https://github.com/ntop/nDPI.git Detailed Report: https://oss-fuzz.com/testcase?key=4809256319844352 Project: ndpi Fuzzing Engine: libFuzzer Fuzz Target: fuzzprocesspacket Job Type: libfuzzermsanndpi Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...
php:php-fuzz-mbstring: Heap-use-after-free in optimize_nodes
Detailed Report: https://oss-fuzz.com/testcase?key=5688240959127552 Project: php Fuzzing Engine: libFuzzer Fuzz Target: php-fuzz-mbstring Job Type: libfuzzerasani386php Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0xf52376a0 Crash State: optimizenodes optimizenodes...
qpdf/dct_fuzzer: Use-of-uninitialized-value in ycck_cmyk_convert
Project: https://github.com/qpdf/qpdf.git Detailed report: https://oss-fuzz.com/testcase?key=5632990870241280 Project: qpdf Fuzzer: libFuzzerqpdfdctfuzzer Fuzz target binary: dctfuzzer Job Type: libfuzzermsanqpdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State...
imagemagick/encoder_heic_fuzzer: Heap-buffer-overflow in derive_collocated_motion_vectors
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5743506502451200 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderheicfuzzer Fuzz target binary: encoderheicfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
Using the Nintendo's 6502 processor instruction for Desktop Linux systems to exploit-vulnerability warning-the black bar safety net
gstreamer 0.10. x player NSF format of the music file when a vulnerability exists and a separate logic errors. A combination of both, you can achieve the very stability of the exploit method, and can bypass the 64-bit ASLR, DEP and so on. The so-called stable because the music player available in...
Google Project Zero Vulnerability Disclosure Grace Period
Google’s unwavering vulnerability disclosure deadlines are the latest chapter in a decades-long debate about how to best inform affected users that there’s a security problem with their software. Since the start of the year, Google’s 90-day clock has most notably ticked down to zero on a trio of...