6505 matches found
OSV-2025-408 Heap-buffer-overflow in sav_parse_long_variable_names_record
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420198855 Crash type: Heap-buffer-overflow READ 1 Crash state: savparselongvariablenamesrecord savparserecordspass2 readstatparsesav...
OSV-2025-406 Security exception in com.puppycrawl.tools.checkstyle.JavaAstVisitor.getInnerBopAst
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420197344 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.JavaAstVisitor.getInnerBopAst java.base/java.util.stream.ReferencePipeline$3$1.accept...
PT-2025-23994 · Git +1 · Checkstyle
Name of the Vulnerable Software and Affected Versions: Checkstyle affected versions not specified Description: The software experiences a security exception during the getInnerBopAst function within the com.puppycrawl.tools.checkstyle.JavaAstVisitor class. This issue is triggered during stream...
PT-2025-23995 · Git +1 · Readstat
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software contains a heap-buffer-overflow read issue. The crash occurs during the sav parse long variable names record function, which is called by sav par...
CVE-2022-40160
DISPUTED This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA...
OSV-2025-404 Use-of-uninitialized-value in JS_FreeRuntime
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=419346940 Crash type: Use-of-uninitialized-value Crash state: JSFreeRuntime fuzzeval.c asyncfuncinit...
OSV-2025-401 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=419340194 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/java.nio.CharBuffer.wrap java.base/sun.nio.cs.StreamEncoder.implWrite...
PT-2025-23445 · Oss Fuzz · Quickjs
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=419346940 Crash type: Use-of-uninitialized-value Crash state: JS FreeRuntime fuzz eval.c async func init...
PT-2025-23444 · Oss Fuzz · Checkstyle
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=419340194 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/java.nio.CharBuffer.wrap java.base/sun.nio.cs.StreamEncoder.implWrite...
CVE-2022-40159
DISPUTED This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA...
OSV-2025-396 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=419059436 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop java.base/sun.nio.cs.UTF8$Encoder.encodeLoop...
PT-2025-23420 · Git +1 · Checkstyle
Name of the Vulnerable Software and Affected Versions: Checkstyle affected versions not specified Description: The software experiences a security exception during parsing of Java expressions within the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr component. The crash stat...
CVE-2003-0261
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges...
DEBIAN-CVE-2025-48060
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...
AZL-61974 CVE-2025-48060 affecting package jq for versions less than 1.6-4
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...
AZL-61968 CVE-2025-48060 affecting package jq for versions less than 1.7.1-4
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...
ALPINE-CVE-2025-48060
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...
CVE-2025-37939
In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext corerelo header Update btfextparseinfo to ensure the corerelo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project...
CVE-2025-37939
CVE-2025-37939 affects the Linux kernel in the libbpf component, specifically the BTF.ext core_relo header handling. The issue arises when btf_ext_parse_info() reads fields of the core_relo header without confirming its presence, potentially triggering a buffer read overflow as reported by OSS-Fu...
OSV-2025-384 Segv on unknown address in rtpp_refcnt_decref
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=418437591 Crash type: Segv on unknown address Crash state: rtpprefcntdecref hashtablepurge rtppwrefpurge...