6506 matches found
OSV-2023-743 Out-of-memory in QueryParserFuzzer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61742 Crash type: Out-of-memory Crash state: QueryParserFuzzer...
OSV-2023-742 Security exception in org.json.JSONArray.writeTo
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61747 Crash type: Security exception Crash state: org.json.JSONArray.writeTo org.json.JSONStringer.value org.json.JSONStringer.peek...
OSV-2023-741 Heap-buffer-overflow in Flow::dissectBittorrent
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61737 Crash type: Heap-buffer-overflow READ 1 Crash state: Flow::dissectBittorrent NetworkInterface::processPacket NetworkInterface::dissectPacket...
OSV-2023-734 Container-overflow in libbrotlidec.so.1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61675 Crash type: Container-overflow WRITE Crash state: libbrotlidec.so.1 BrotliDecoderDecompressStream Exiv2::BmffImage::brotliUncompress...
OSV-2023-726 Heap-buffer-overflow in Flow::dissectNetBIOS
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61648 Crash type: Heap-buffer-overflow READ 1 Crash state: Flow::dissectNetBIOS NetworkInterface::processPacket NetworkInterface::dissectPacket...
OSV-2023-721 Stack-buffer-overflow in crc24q_check
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61617 Crash type: Stack-buffer-overflow READ 1 Crash state: crc24q_check packet_parse FuzzPacket.c...
OSV-2023-719 Security exception in org.apache.commons.jxpath.ri.compiler.CoreFunction.toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61597 Crash type: Security exception Crash state: org.apache.commons.jxpath.ri.compiler.CoreFunction.toString java.base/java.lang.String.valueOf java.base/java.lang.StringBuilder.append...
OSV-2023-717 Heap-buffer-overflow in bit_TV_to_utf8_codepage
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61593 Crash type: Heap-buffer-overflow READ 1 Crash state: bit_TV_to_utf8_codepage bit_TV_to_utf8 dwg_decode_LAYOUT_private...
OSV-2023-716 Security exception in org.springframework.expression.spel.ast.OpPlus.getValueInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61603 Crash type: Security exception Crash state: org.springframework.expression.spel.ast.OpPlus.getValueInternal org.springframework.core.convert.support.GenericConversionService$ConverterCache...
OSV-2023-715 Stack-use-after-scope in ulocimp_addLikelySubtags_74
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61582 Crash type: Stack-use-after-scope READ 3 Crash state: ulocimp_addLikelySubtags_74 uloc_isRightToLeft_74 uloc_is_right_to_left_fuzzer.cpp...
OSV-2023-705 Security exception in org.apache.lucene.util.automaton.RegExp.toAutomaton
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61493 Crash type: Security exception Crash state: org.apache.lucene.util.automaton.RegExp.toAutomaton java.base/java.util.BitSet.ensureCapacity java.base/java.util.BitSet.expandTo...
OSV-2023-697 Heap-buffer-overflow in IEC104Stats::processPacket
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61443 Crash type: Heap-buffer-overflow READ 1 Crash state: IEC104Stats::processPacket Flow::processIEC60870Packet NetworkInterface::processPacket...
OSV-2023-696 Security exception in org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61423 Crash type: Security exception Crash state: org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone org.apache.lucene.analysis.tokenattributes.PackedTokenAttributeImpl.clone...
OSV-2023-693 Security exception in org.json.JSONArray.writeTo
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61399 Crash type: Security exception Crash state: org.json.JSONArray.writeTo org.json.JSONStringer.value org.json.JSONStringer.peek...
OSV-2023-692 Invalid-free in reset_context
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61397 Crash type: Invalid-free Crash state: reset_context finish_metric cmt_decode_prometheus_parse...
OSV-2023-689 Use-of-uninitialized-value
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61380 Crash type: Use-of-uninitialized-value Crash state: NULL...
OSV-2023-688 Invalid-free in Flow::~Flow
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61361 Crash type: Invalid-free Crash state: Flow::~Flow Flow::~Flow GenericHash::cleanup...
OSV-2023-685 Invalid-free in reset_context
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61339 Crash type: Invalid-free Crash state: reset_context cmt_decode_prometheus_create cmetrics_decode_fuzz.c...
OSV-2023-684 Heap-use-after-free in __xmlRaiseError
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61337 Crash type: Heap-use-after-free READ 2 Crash state: __xmlRaiseError htmlParseErr htmlCurrentChar...
OSV-2023-680 Security exception in org.apache.poi.hdgf.streams.PointerContainingStream.findChildren
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61372 Crash type: Security exception Crash state: org.apache.poi.hdgf.streams.PointerContainingStream.findChildren...