6505 matches found
EUVD-2025-16055
Malicious code in bioql PyPI...
EUVD-2022-7064
Malicious code in bioql PyPI...
EUVD-2025-15850
Malicious code in bioql PyPI...
EUVD-2024-53820
Malicious code in bioql PyPI...
EUVD-2023-43736
Malicious code in bioql PyPI...
OSV-2025-803 Global-buffer-overflow in icaltime_day_of_year
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=448424495 Crash type: Global-buffer-overflow READ 4 Crash state: icaltimedayofyear expandbymonthdays expandyeardays...
FalseCrashReducer: Mitigating False Positive Crashes in OSS-Fuzz-Gen Using Agentic AI
Fuzz testing has become a cornerstone technique for identifying software bugs and security vulnerabilities, with broad adoption in both industry and open-source communities. Directly fuzzing a function requires fuzz drivers, which translate random fuzzer inputs into valid arguments for the target...
OSV-2025-797 Heap-buffer-overflow in ProcessRows
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=447845730 Crash type: Heap-buffer-overflow WRITE Crash state: ProcessRows DecodeImageData VP8LDecodeImage...
OSV-2025-796 Heap-buffer-overflow in AddGreenToBlueAndRed_AVX2
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=447958064 Crash type: Heap-buffer-overflow WRITE Crash state: AddGreenToBlueAndRedAVX2 VP8LInverseTransform ProcessRows...
OSV-2025-793 Heap-use-after-free in parse_from_header
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=447719691 Crash type: Heap-use-after-free READ 8 Crash state: parsefromheader fuzzparsemsg.c parseheaders...
OSV-2025-764 Global-buffer-overflow in Ogg_CreateES
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=445845228 Crash type: Global-buffer-overflow READ 11 Crash state: OggCreateES Demux demuxprocessstream...
CVE-2022-50407
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...
UBUNTU-CVE-2022-50407
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...
CVE-2023-53439 net: skb_partial_csum_set() fix against transport header magic value
In the Linux kernel, the following vulnerability has been resolved: net: skb_partial_csum_set() fix against transport header magic value skb->transport_header uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentally set skb->transport_header to...
CVE-2022-50407 crypto: hisilicon/qm - increase the memory of local variables
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...
CVE-2022-50407
The CVE-2022-50407 entry concerns the Linux kernel crypto: hisilicon/qm component, where the code path allocates a small local buffer for a QoS value and uses sscanf without validating destination length, enabling a stack overflow. Public documents in connected sources confirm the issue and descr...
Malicious code in oss-fuzz (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ea9bd1245381fc2e4b2f1e2d2ce20ef200636db74be623613eb4498ab3ea0ad Any computer that has this package installed or running should be considered...
MAL-2025-47407 Malicious code in oss-fuzz (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ea9bd1245381fc2e4b2f1e2d2ce20ef200636db74be623613eb4498ab3ea0ad Any computer that has this package installed or running should be considered...
OSV-2025-742 Null-dereference READ in ubsan_GetStackTrace
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=444622228 Crash type: Null-dereference READ Crash state: ubsan_GetStackTrace...