6045 matches found
OSV-2026-74 Heap-buffer-overflow in ___interceptor_strtol
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476180586 Crash type: Heap-buffer-overflow READ 3 Crash state: interceptorstrtol Assimp::ObjFileParser::getFace Assimp::ObjFileParser::parseFile...
OSV-2026-65 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476179553 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop java.base/sun.nio.cs.UTF8$Encoder.encodeLoop...
OSV-2026-55 Use-of-uninitialized-value in vp9_quantize_fp_avx2
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475583924 Crash type: Use-of-uninitialized-value Crash state: vp9quantizefpavx2 blockyrd vp9pickintermode...
OSV-2026-53 Heap-use-after-free in graph::LigatureSubstFormat1::shrink
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475607265 Crash type: Heap-use-after-free READ 8 Crash state: graph::LigatureSubstFormat1::shrink graph::LigatureSubstFormat1::splitcontextt::shrink hbvectort graph::actuatesubtablesplitgraph::LigatureSu...
OSV-2026-49 Heap-buffer-overflow in check_sync_pes
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475305126 Crash type: Heap-buffer-overflow READ Crash state: checksyncpes Demux demuxprocessstream...
OSV-2026-30 Use-of-uninitialized-value in vp9_quantize_fp_avx2
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=474614578 Crash type: Use-of-uninitialized-value Crash state: vp9quantizefpavx2 blockyrd vp9pickintermode...
OSV-2026-4 UNKNOWN READ in rb_managed_id_table_lookup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=472871119 Crash type: UNKNOWN READ Crash state: rbmanagedidtablelookup vmlookupcc rbvmsearchmethodslowpath...
OSV-2026-2 Heap-buffer-overflow in cmt_mpack_consume_uint_tag
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=472785094 Crash type: Heap-buffer-overflow WRITE 8 Crash state: cmtmpackconsumeuinttag cmtmpackunpackarray cmtmpackunpackmap...
OSV-2025-1049 Heap-buffer-overflow in unsigned char* std::__1::vector<unsigned char, std::__1::allocator<unsigned char
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=472222304 Crash type: Heap-buffer-overflow READ 1 Crash state: unsigned char std::1::vectorunsigned char, std::1::allocatorunsigned char pcpp::TLSECPointFormatExtension::getECPointFormatList...
OSV-2025-1018 Stack-buffer-overflow in lre_exec
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=471304472 Crash type: Stack-buffer-overflow READ 8 Crash state: lreexec fuzzregexp.c...
OSV-2025-1016 Use-of-uninitialized-value in js_create_function
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=471075808 Crash type: Use-of-uninitialized-value Crash state: jscreatefunction JSEvalInternal JSEvalObject...
OSV-2025-1001 Dynamic-stack-buffer-overflow in _ox_err_set_with_location
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=470447384 Crash type: Dynamic-stack-buffer-overflow READ 1 Crash state: oxerrsetwithlocation readtext readelement...
OSV-2025-970 Heap-buffer-overflow in check_sync_pes
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=465802762 Crash type: Heap-buffer-overflow READ Crash state: checksyncpes Demux demuxprocessstream...
OSV-2025-955 Use-of-uninitialized-value in decoder_context::construct_reference_picture_lists
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=464323256 Crash type: Use-of-uninitialized-value Crash state: decodercontext::constructreferencepicturelists decodercontext::processslicesegmentheader decodercontext::readsliceNAL...
OSV-2025-930 Dynamic-stack-buffer-overflow in _ox_err_set_with_location
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=462353164 Crash type: Dynamic-stack-buffer-overflow READ 1 Crash state: oxerrsetwithlocation readelement oxparse...
OSV-2025-926 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=462261562 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement java.base/jdk.internal.misc.Unsafe.weakCompareAndSetInt...
OSV-2025-900 Heap-buffer-overflow in DecodeFrame
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=460575093 Crash type: Heap-buffer-overflow READ Crash state: DecodeFrame testdecoderprocess EsOutSend...
Astra Linux – Vulnerability in jq
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-bufferoverflow error occurs in the jvstringvfmt function within the jqfuzzexecute harness from oss-fuzz. This error happens at line 1456 of the jv.c file: void p = mallocsz;. As of the time of publication, no patch...
OSV-2025-865 Heap-buffer-overflow in generic_unpack
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=456158449 Crash type: Heap-buffer-overflow READ 4 Crash state: genericunpack Imf34::ScanLineInputFile::Data::readPixels Imf34::InputFile::readPixels...
OSV-2025-834 Heap-buffer-overflow in std::__1::pair<int, arrow::util::RleBitPackedParser::ControlFlow> arrow::util::R
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=451150486 Crash type: Heap-buffer-overflow READ 3 Crash state: std::1::pair arrow::util::R arrow::util::RleBitPackedDecoder::GetBatch auto parquet::DictByteArrayDecoderImpl::DecodeArrowDense...