OSV-2024-1209 Heap-use-after-free in xmlValidateOneElement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372547409 Crash type: Heap-use-after-free READ 4 Crash state: xmlValidateOneElement xmlValidateElement api.c...

UBUNTU-CVE-2024-35325

A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yamleventdelete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free...

CVE-2024-35329

A vulnerability was found in libyaml 0.2.5. This issue is caused by a heap-based buffer overflow in yamldocumentaddsequence in api.c...

CVE-2024-35329

...

CVE-2024-35329

The connected documents indicate a vulnerability in libyaml 0.2.5, caused by a heap-based buffer overflow in yaml_document_add_sequence within api.c. The impact and exploitation specifics are not detailed in the provided sources. There is no publicly available remediation version stated in these ...

CVE-2024-35329

Removed by vendor...

OSV-2024-217 Heap-use-after-free in dropNode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67670 Crash type: Heap-use-after-free READ 8 Crash state: dropNode api.c xmlFreeNodeList...

PT-2024-40681 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, specifically a READ 8 crash type. The crash occurs in the dropNode function, within the api.c file,...

OSV-2024-194 Heap-use-after-free in xmlDOMWrapNSNormAcquireNormalizedNs

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67560 Crash type: Heap-use-after-free READ 8 Crash state: xmlDOMWrapNSNormAcquireNormalizedNs xmlDOMWrapReconcileNamespaces api.c...

OSV-2024-193 Use-of-uninitialized-value in api.c

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67552 Crash type: Use-of-uninitialized-value Crash state: api.c xmlSearchNsByHref...

PT-2024-40674 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value" in the xmlSearchNsByHref function within api.c. Recommendations: At the moment, ther...

CVE-2024-23848

A vulnerability was found in the Linux kernel. A use-after-free exists in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

Design/Logic Flaw

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

CVE-2024-23848

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

CVE-2024-23848

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

CVE-2020-36766

An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning logaddrs with a hole in the struct...

UBUNTU-CVE-2016-9011

The wmfmalloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service application crash via a crafted wmf file, which triggers a memory allocation failure...