libetpan -- null dereference vulnerability in MIME parsing component

rwhitworth reports: I was using American Fuzzy Lop afl-fuzz to fuzz input to the mime-parse test program. Is fixing these crashes something you're interested in? The input files can be found here: https://github.com/rwhitworth/libetpan-fuzz/. The files can be executed as ./mime-parse idfilename t...

wireshark: Stack-use-after-return in add_tagged_field

Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=6172256742932480 Project: wireshark Fuzzer: libFuzzerwiresharkfuzzsharkip Fuzz target binary: fuzzsharkip Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-use-after-return...

dlplibs: Bad-free in std::__1::__shared_ptr_pointer<librevenge::RVNGInputStream*, std::__1::default_d

Detailed report: https://oss-fuzz.com/testcase?key=5495959146463232 Project: dlplibs Fuzzer: afldlplibswpdfuzzer Fuzz target binary: wpdfuzzer Job Type: aflasandlplibs Platform Id: linux Crash Type: Bad-free Crash Address: 0x7f5d72160220 Crash State: std::1::sharedptrpointer::sharedptr...

wireshark: Heap-buffer-overflow in bootp_option

Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=5638972833267712 Project: wireshark Fuzzer: libFuzzerwiresharkfuzzsharkudpport-bootp Fuzz target binary: fuzzsharkudpport-bootp Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type:...

grpc: Heap-use-after-free in gpr_unref

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=6462055064272896 Project: grpc Fuzzer: libFuzzergrpcapifuzzer Fuzz target binary: apifuzzer Job Type: libfuzzerasangrpc Platform Id: linux Crash Type: Heap-use-after-free WRITE 8 Crash Address:...

file: Heap-buffer-overflow in cdf_getuint32

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=4694120629010432 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzerasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address:...

file: Heap-buffer-overflow in cdf_getuint32

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=4879865188712448 Project: file Fuzzer: aflfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: aflasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address: 0x611000000280 Cra...

dlplibs: Heap-buffer-overflow in librevenge::RVNGString::Iter::operator

Detailed report: https://oss-fuzz.com/testcase?key=6384974469005312 Project: dlplibs Fuzzer: libFuzzerdlplibsabwfuzzer Fuzz target binary: abwfuzzer Job Type: libfuzzerasandlplibs Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x60a000002cf8 Crash State:...

grpc: Heap-buffer-overflow in internal_add_error

Detailed report: https://oss-fuzz.com/testcase?key=6312731374256128 Project: grpc Fuzzer: aflgrpcserverfuzzer Fuzz target binary: serverfuzzer Job Type: aflasangrpc Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1 Crash Address: 0x616000000a48 Crash State: internaladderror...

icu: Use-of-uninitialized-value in u_strToUTF8WithSub_59

Project: https://github.com/unicode-org/icu.git Detailed report: https://oss-fuzz.com/testcase?key=6488436909277184 Project: icu Fuzzer: libFuzzericuucasemapfuzzer Fuzz target binary: ucasemapfuzzer Job Type: libfuzzermsanicu Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address...

botan: Use-of-uninitialized-value in Botan::Charset::is_space

Project: https://github.com/randombit/botan.git Detailed report: https://oss-fuzz.com/testcase?key=6157314526543872 Project: botan Fuzzer: libFuzzerbotancert Fuzz target binary: cert Job Type: libfuzzermsanbotan Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

file: Use-of-uninitialized-value in mcopy

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=6069128647409664 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzermsanfile Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

file: Use-of-uninitialized-value in file_replace

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=5601604277370880 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzermsanfile Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

DHCP Exhaustion Script: DHCPig

DHCP Exhaustion Script DHCPig initiates an advanced DHCP exhaustion attack. It will consume all IPs on the LAN, stop new users from obtaining IPs, release any IPs in use, then for good measure send gratuitous ARP and knock all windows hosts offline. It requires scapy =2.1 library and admin...

grpc: Heap-buffer-overflow in grpc_base64_decode

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=5595941564317696 Project: grpc Fuzzer: libFuzzergrpcserverfuzzer Job Type: libfuzzerasangrpc Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address: 0x608000000172 Crash State:...

libmspub: Stack-use-after-scope in libmspub::MSPUBCollector::paintShape

Detailed report: https://oss-fuzz.com/testcase?key=4867319689904128 Project: libmspub Fuzzer: afllibmspubpubfuzzer Fuzz target binary: pubfuzzer Job Type: aflasanlibmspub Platform Id: linux Crash Type: Stack-use-after-scope READ 8 Crash Address: 0x7f23248bf9f0 Crash State:...

grpc: Heap-buffer-overflow in server_filter_incoming_metadata

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=5417405008314368 Project: grpc Fuzzer: libFuzzergrpcserverfuzzer Fuzz target binary: serverfuzzer Job Type: libfuzzerasangrpc Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

file: Heap-buffer-overflow in cdf_read_property_info

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=5121085282451456 Project: file Fuzzer: aflfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: aflasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Crash Address: 0x611000000280 Cra...

ots: Heap-use-after-free in ots::OTSStream::Write

Project: https://github.com/khaledhosny/ots.git Detailed report: https://oss-fuzz.com/testcase?key=5372103857537024 Project: ots Fuzzer: libFuzzerotsots-fuzzer Fuzz target binary: ots-fuzzer Job Type: libfuzzerasanots Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address:...

sqlite3: Global-buffer-overflow in sqlite3VdbeMemPrettyPrint

Detailed report: https://oss-fuzz.com/testcase?key=6749820112863232 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzerasansqlite3 Platform Id: linux Crash Type: Global-buffer-overflow READ 1 Crash Address: 0x000002b188a8 Crash State:...