PT-2024-40630 · Git +1 · Libjpeg-Turbo
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value" as reported by OSS-Fuzz. The crash occurs in the decompress_yuv.cc file. No...
OSV-2024-1297 Heap-buffer-overflow in rijndaelSetupEncrypt
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=377977949 Crash type: Heap-buffer-overflow READ 1 Crash state: rijndaelSetupEncrypt rijndaelSetupDecrypt AESPDFnative::AESPDFnative...
OSV-2024-1293 Use-of-uninitialized-value in k5_hashtab_add
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=377530685 Crash type: Use-of-uninitialized-value Crash state: k5_hashtab_add insert_entry fuzz_kdc.c...
CVE-2024-50110
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copy_to_iter+0x598/0x2a30 copy_to_iter+0x598/0x2a30 skb_datagram_iter+0x168/0x1060...
UBUNTU-CVE-2024-50110
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copy_to_iter+0x598/0x2a30 copy_to_iter+0x598/0x2a30 skb_datagram_iter+0x168/0x1060...
OSV-2024-1282 Segv on unknown address in udiv
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=368729572 Crash type: Segv on unknown address Crash state: udiv mpz_mdiv mrb_bint_div...
OSV-2024-1279 Heap-buffer-overflow in opj_j2k_read_tile_header
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538309 Crash type: Heap-buffer-overflow WRITE 8 Crash state: opj_j2k_read_tile_header opj_j2k_decode_tiles opj_j2k_decode...
OSV-2024-1274 Segv on unknown address in yara_yyparse
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376515523 Crash type: Segv on unknown address Crash state: yara_yyparse yr_lex_parse_rules_file cli_load_yara...
OSV-2024-1272 Segv on unknown address in std::__1::ios_base::~ios_base
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371292576 Crash type: Segv on unknown address Crash state: std::__1::ios_base::~ios_base Poco::Net::MultipartReader::nextPart Poco::Net::MailMessage::readMultipart...
OSV-2022-1288 Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376787368 Crash type: Stack-buffer-overflow READ 1 Crash state: bool SmilesParseOps::parser::parse_atom_props bool SmilesParseOps::parser::parse_it SmilesParseOps::parseCXExtensions...
OSV-2024-1266 UNKNOWN READ in llama_output_reserve
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376770771 Crash type: UNKNOWN READ Crash state: llama_output_reserve llama_decode fuzz_tokenizer.cpp...
PT-2024-40623 · Git +1 · Llama.Cpp
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state includes functions such as llama_output_reserve and llama_decode, and is located in...
OSV-2024-1254 Security exception in org.apache.lucene.util.ArrayUtil.growExact
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376504918 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.growExact org.apache.lucene.util.ArrayUtil.grow org.apache.lucene.util.BytesRefBuilder.grow...
OSV-2023-1398 Heap-buffer-overflow in load_1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376515517 Crash type: Heap-buffer-overflow READ 1 Crash state: load_1 apprentice_load file_apprentice...
OSV-2024-1251 UNKNOWN WRITE in s_DCTD_process
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376394519 Crash type: UNKNOWN WRITE Crash state: s_DCTD_process sreadbuf spgetcc...
PT-2024-40620 · Git +1 · Llama.Cpp
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash occurred due to a segmentation fault on an unknown address. The crash state includes functions such as llama_output_reserve and llama_decode, whi...
PT-2024-40554 · Git +1 · File
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read, as indicated by an OSS-Fuzz report. The crash state includes functions such as load_1, apprentice...
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models, we introduced our framework for large-language-model-assisted vulnerability research and demonstrated its potential by improving the state-of-the-a...
OSV-2024-1249 Heap-buffer-overflow in extract_ice_option
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376100377 Crash type: Heap-buffer-overflow READ 1 Crash state: extract_ice_option parse_sdp_session parse_sdp...
SUSE CVE-2024-48426
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address, 0x1000c9714971...