6506 matches found
OSV-2023-1071 Heap-use-after-free in igraph_pajek_yyparse
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63609 Crash type: Heap-use-after-free READ 11 Crash state: igraph_pajek_yyparse igraph_read_graph_pajek readpajek.cpp...
OSV-2023-1070 Segv on unknown address in igraph_strvector_set_len
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63599 Crash type: Segv on unknown address Crash state: igraph_strvector_set_len igraph_i_pajek_add_string_attribute igraph_pajek_yyparse...
OSV-2023-1069 Heap-use-after-free in igraph_pajek_yyparse
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63590 Crash type: Heap-use-after-free READ 3 Crash state: igraph_pajek_yyparse igraph_read_graph_pajek readpajek.cpp...
OSV-2023-1068 Heap-buffer-overflow in iasecc_parse_size
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63587 Crash type: Heap-buffer-overflow READ 1 Crash state: iasecc_parse_size iasecc_parse_get_tlv iasecc_parse_docp...
OSV-2023-1063 Heap-double-free in dwg_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63537 Crash type: Heap-double-free Crash state: dwg_free_object dwg_free llvmfuzz.c...
OSV-2023-1062 Heap-buffer-overflow in H5MM_xstrdup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63566 Crash type: Heap-buffer-overflow READ Crash state: H5MM_xstrdup H5Genttolink H5Gnodeiterate...
PT-2023-35542 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash type of Heap-double-free was reported. The crash state involves the dwg_free_object and dwg_free functions in the llvmfuzz.c file. Recommendations: A...
OSV-2023-1059 Out-of-memory in IndexSearchFuzzer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63512 Crash type: Out-of-memory Crash state: IndexSearchFuzzer...
OSV-2023-1033 Heap-buffer-overflow in Gfx::InputStreamer::read_u32
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63357 Crash type: Heap-buffer-overflow READ 1 Crash state: Gfx::InputStreamer::read_u32 Gfx::set_dib_bitmasks Gfx::decode_bmp_dib...
CLSA-2023-1697740947 glib2: Fix of 5 CVEs
Enable internal tests - Skip several failed tests from the check - CVE-2023-29499: Fix GVariant offset table entry size which is not checked in is_normal - CVE-2023-32611: Fix an issue where g_variant_byteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant...
OSV-2023-1025 Heap-buffer-overflow in ucl_hash_destroy
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63299 Crash type: Heap-buffer-overflow READ 8 Crash state: ucl_hash_destroy ucl_object_dtor_unref_single ucl_object_dtor_unref...
OSV-2023-1016 Use-of-uninitialized-value in Render_Single_Pass
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63241 Crash type: Use-of-uninitialized-value Crash state: Render_Single_Pass Render_Glyph ft_black_render...
OSV-2023-1014 Security exception in org.jsoup.parser.HtmlTreeBuilder.process
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63242 Crash type: Security exception Crash state: org.jsoup.parser.HtmlTreeBuilder.process org.jsoup.parser.HtmlTreeBuilderState$14.handleMissingTr org.jsoup.parser.HtmlTreeBuilderState$14.process...
OSV-2023-1009 Security exception in net.jsign.bouncycastle.asn1.ASN1StreamParser.readVector
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63217 Crash type: Security exception Crash state: net.jsign.bouncycastle.asn1.ASN1StreamParser.readVector net.jsign.bouncycastle.asn1.ASN1StreamParser.loadTaggedIL net.jsign.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObj...
CLSA-2023-1697135256 glib2: Fix of 5 CVEs
CVE-2023-29499: Fix GVariant offset table entry size which is not checked in is_normal - CVE-2023-32611: Fix an issue where g_variant_byteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data -...
OSV-2023-1008 Heap-use-after-free in gx_image_enum_begin
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63185 Crash type: Heap-use-after-free WRITE 8 Crash state: gx_image_enum_begin gx_begin_image1 gx_default_begin_typed_image...
OSV-2023-1004 Heap-buffer-overflow in ndpi_snprintf
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63179 Crash type: Heap-buffer-overflow WRITE 11 Crash state: ndpi_snprintf ndpi_serialize_string_int32 fuzzserialization.cpp...
PT-2023-35525 · Git +1 · Ndpi
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow WRITE 11 crash has been reported. The crash involves the ndpi_snprintf and ndpi_serialize_string_int32 functions in the fuzz...
OSV-2023-1001 Security exception in java.base/java.lang.String.repeat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63154 Crash type: Security exception Crash state: java.base/java.lang.String.repeat org.springframework.expression.spel.ast.OpMultiply.getValueInternal org.springframework.expression.spel.ast.MethodReference.getArguments...
OSV-2023-1000 Heap-use-after-free in xmlParserPrintFileContextInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63157 Crash type: Heap-use-after-free READ 1 Crash state: xmlParserPrintFileContextInternal xmlReportError xmlRaiseError...