23 matches found
OSV-2022-953 Dynamic-stack-buffer-overflow in rx_icmp
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51757 Crash type: Dynamic-stack-buffer-overflow WRITE Crash state: rxicmp rxip miprx...
OSV-2021-1670 Dynamic-stack-buffer-overflow in zend_calc_live_ranges
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42156 Crash type: Dynamic-stack-buffer-overflow READ 4 Crash state: zend_calc_live_ranges pass_two zend_compile_func_decl...
ASB-A-199065614
In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
OSV-2021-1634 Dynamic-stack-buffer-overflow in OutputJsonDNP3SetItem
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41487 Crash type: Dynamic-stack-buffer-overflow READ 4 Crash state: OutputJsonDNP3SetItem JsonDNP3LogObjects JsonDNP3LogResponse...
OSV-2021-1015 Dynamic-stack-buffer-overflow in VP8SetSegmentParams
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36191 Crash type: Dynamic-stack-buffer-overflow WRITE Crash state: VP8SetSegmentParams SetLoopParams OneStatPass...
OSV-2021-1008 Dynamic-stack-buffer-overflow in clear_opt_map_info
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36155 Crash type: Dynamic-stack-buffer-overflow WRITE Crash state: clear_opt_map_info optimize_node_left set_optimize_info_from_tree...
OSV-2021-1003 Dynamic-stack-buffer-overflow in mdb_numeric_to_string
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36187 Crash type: Dynamic-stack-buffer-overflow WRITE 16 Crash state: mdbnumerictostring mdbxferbounddata mdbattemptbind...
OSV-2021-977 Dynamic-stack-buffer-overflow in std::__1::pair<unsigned int, unsigned int>::pair<unsigned int, unsigned int, fal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36062 Crash type: Dynamic-stack-buffer-overflow WRITE 4 Crash state: std::1::pair::pair::type, std::1::unw void GFWX::decode...
OSV-2021-975 Dynamic-stack-buffer-overflow in CryptDigestUpdateInt
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36074 Crash type: Dynamic-stack-buffer-overflow WRITE 8 Crash state: CryptDigestUpdateInt ComputeCpHash CheckCommandAudit...
OSV-2021-958 Dynamic-stack-buffer-overflow in mdb_numeric_to_string
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35972 Crash type: Dynamic-stack-buffer-overflow WRITE 16 Crash state: mdbnumerictostring mdbxferbounddata mdbattemptbind...
OSV-2021-950 Dynamic-stack-buffer-overflow in std::__1::__wrap_iter<hsql::Expr**>::__wrap_iter
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35944 Crash type: Dynamic-stack-buffer-overflow WRITE 8 Crash state: std::1::wrapiter::wrapiter std::1::vector ::makeiter std::1::vector ::begin...
OSV-2021-947 Dynamic-stack-buffer-overflow in hsql::SQLParserResult::addStatement
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35946 Crash type: Dynamic-stack-buffer-overflow WRITE 8 Crash state: hsql::SQLParserResult::addStatement hsql_parse hsql::SQLParser::parse...
CVE-2021-26825
An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted .TGA image files. The vulnerability exists in ImageLoaderTGA::load_image function at line: const size_t buffer_size = tga_header.image_width * tga_header.image_height * pixel_size; The bug leads to...
Integer overflow
An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted .TGA image files. The vulnerability exists in ImageLoaderTGA::load_image function at line: const size_t buffer_size = tga_header.image_width * tga_header.image_height * pixel_size; The bug leads to...
OSV-2020-124 Dynamic-stack-buffer-overflow in RetrieveFPForSig
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21758 Crash type: Dynamic-stack-buffer-overflow WRITE 4 Crash state: RetrieveFPForSig DetectSetFastPatternAndItsId SigGroupBuild...
OSV-2020-85 Dynamic-stack-buffer-overflow in janus_rtcp_incoming_transport_cc
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20529 Crash type: Dynamic-stack-buffer-overflow READ 2 Crash state: janus_rtcp_incoming_transport_cc janus_rtcp_fix_ssrc rtcp_fuzzer.c...
suricata:fuzz_sigpcap: Dynamic-stack-buffer-overflow in RetrieveFPForSig
Project: https://github.com/OISF/suricata.git Detailed Report: https://oss-fuzz.com/testcase?key=5682380569575424 Project: suricata Fuzzing Engine: libFuzzer Fuzz Target: fuzz_sigpcap Job Type: libfuzzer_asan_suricata Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow WRITE 4 Crash Address...
janus-gateway:rtcp_fuzzer: Dynamic-stack-buffer-overflow in janus_rtcp_incoming_transport_cc
Project: https://github.com/meetecho/janus-gateway.git Detailed Report: https://oss-fuzz.com/testcase?key=5648598425665536 Project: janus-gateway Fuzzing Engine: afl Fuzz Target: rtcp_fuzzer Job Type: afl_asan_janus-gateway Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 2 Crash...
aspell/aspell_fuzzer: Dynamic-stack-buffer-overflow in acommon::unescape
Project: https://github.com/gnuaspell/aspell.git Detailed report: https://oss-fuzz.com/testcase?key=5678055552450560 Project: aspell Fuzzer: afl_aspell_fuzzer Fuzz target binary: aspell_fuzzer Job Type: afl_asan_aspell Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 1 Crash Address:...
chakra: Dynamic-stack-buffer-overflow in js_memcpy_s
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4738279476822016 Project: chakra Fuzzer: jsfuzzer Job Type: asan_chakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 16 Crash Address: 0x7fffa66f0a98 Crash State: js_memcpy_s...