6 Types of Applications Security Testing You Must Know About

Application security testing is a critical component of modern software development, ensuring that applications are robust and resilient against malicious attacks. As cyber threats continue to evolve in complexity and frequency, the need to integrate comprehensive security measures throughout the...

OSV-2024-678 Use-of-uninitialized-value in FLAC__replaygain_synthesis__apply_gain

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70482 Crash type: Use-of-uninitialized-value Crash state: FLACreplaygainsynthesisapplygain writecallback readframe...

OSV-2024-675 Security exception in com.github.javaparser.CommentsInserter.insertComments

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70587 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...

OSV-2024-664 Heap-buffer-overflow in gf_dash_group_get_template

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70342 Crash type: Heap-buffer-overflow WRITE 1 Crash state: gfdashgroupgettemplate gfdashresolveurl gfdashdownloadinitsegment...

OSV-2024-662 Security exception in com.github.javaparser.CommentsInserter.insertComments

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70313 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...

OSV-2024-661 Security exception in java.base/java.util.ArrayList.<init>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66137 Crash type: Security exception Crash state: java.base/java.util.ArrayList. org.apache.poi.xssf.eventusermodel.ReadOnlySharedStringsTable.startElement...

OSV-2024-659 Index-out-of-bounds in gf_vvc_parse_nalu_bs

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70392 Crash type: Index-out-of-bounds Crash state: gfvvcparsenalubs gfinspectdumpnaluinternal inspectprocess...

OSV-2024-655 Stack-buffer-overflow in UnrollChunkyBytes

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70395 Crash type: Stack-buffer-overflow READ 1 Crash state: UnrollChunkyBytes CachedXFORM cmsDoTransform...

CVE-2024-39510

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefilesondemanddaemonread We got the following issue in a fuzz test of randomly issuing the restore command: ================================================================== BUG: KASAN:...

OSV-2024-641 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70141 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/java.nio.HeapCharBuffer. java.base/java.nio.CharBuffer.wrap...

OSV-2024-640 Null-dereference READ

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261 Crash type: Null-dereference READ Crash state: NULL...

OSV-2024-638 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68807 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert ih264ddecodepicturethread...

OSV-2024-637 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69682 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert isvcdvideodecode isvcdapifunction...

OSV-2024-634 Heap-buffer-overflow in htmlCurrentChar

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70297 Crash type: Heap-buffer-overflow READ 1 Crash state: htmlCurrentChar htmlParseCharData htmlParseContentInternal...

OSV-2024-635 Null-dereference READ in do_evp_kdf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243 Crash type: Null-dereference READ Crash state: doevpkdf FuzzerTestOneInput...

UBUNTU-CVE-2024-39510

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefilesondemanddaemonread We got the following issue in a fuzz test of randomly issuing the restore command: ================================================================== BUG: KASAN:...

CVE-2024-39510

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefilesondemanddaemonread We got the following issue in a fuzz test of randomly issuing the restore command: ================================================================== BUG: KASAN:...

OSV-2024-602 Heap-buffer-overflow in ultrahdr::getYuv420Pixel

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69287 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::getYuv420Pixel std::1::function::funcultrahdr::JpegR::applyGainMap ultrahdr::JpegR::applyGainMap...

OSV-2024-592 UNKNOWN READ in spvtools::disassemble::InstructionDisassembler::EmitInstruction

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69804 Crash type: UNKNOWN READ Crash state: spvtools::disassemble::InstructionDisassembler::EmitInstruction spvtools::DisassembleInstruction Parser::parseInstruction...

OSV-2024-577 Heap-use-after-free in sputs

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69793 Crash type: Heap-use-after-free READ Crash state: sputs xpswriteprofile xpsbegintypedimage...