6506 matches found
OSV-2023-840 Null-dereference READ in isvcd_parse_inter_slice_data_cavlc_enh_lyr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62290 Crash type: Null-dereference READ Crash state: isvcdparseinterslicedatacavlcenhlyr isvcdparseepslice isvcdparsedecodesliceextnal...
OSV-2023-838 Use-of-uninitialized-value in wabt::BinaryReaderIR::OnOpcode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62267 Crash type: Use-of-uninitialized-value Crash state: wabt::BinaryReaderIR::OnOpcode wabt::BinaryReader::ReadInstructions wabt::ReadBinary...
OSV-2023-837 Heap-buffer-overflow in uint7_get_64
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62270 Crash type: Heap-buffer-overflow READ 1 Crash state: uint7get64 cramhuffmandecodeinit cramdecoderinit...
OSV-2023-819 Heap-buffer-overflow in ucl_object_dtor_unref_single
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62167 Crash type: Heap-buffer-overflow READ 8 Crash state: uclobjectdtorunrefsingle uclobjectdtorunref uclhashdestroy...
PT-2023-36002 · Git +1 · Kamailio
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as parse_priv_value and parse_privacy, which are located in...
OSV-2023-811 Invalid-free in bit_chain_alloc_size
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62132 Crash type: Invalid-free Crash state: bitchainallocsize bitwriteRC bitHtodat...
OSV-2023-798 Memcpy-param-overlap in repeat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62081 Crash type: Memcpy-param-overlap Crash state: repeat repeat pere...
OSV-2023-797 Stack-buffer-overflow in QBuffer::readData
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62075 Crash type: Stack-buffer-overflow WRITE Crash state: QBuffer::readData QIODevicePrivate::read QDataStream::readRawData...
OSV-2023-795 Security exception in org.apache.poi.hwpf.converter.AbstractWordConverter.processNoteAnchor
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62068 Crash type: Security exception Crash state: org.apache.poi.hwpf.converter.AbstractWordConverter.processNoteAnchor org.apache.poi.hwpf.converter.AbstractWordConverter.processCharacters...
OSV-2023-793 Security exception in org.apache.lucene.util.BytesRefBuilder.<init>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62034 Crash type: Security exception Crash state: org.apache.lucene.util.BytesRefBuilder.<init> org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone...
OSV-2023-783 Use-after-poison in parser_yylex
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61941 Crash type: Use-after-poison READ 8 Crash state: parseryylex rubyyyparse yycompile0...
OSV-2023-776 Heap-buffer-overflow in ndpi_domain_classify_contains
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61882 Crash type: Heap-buffer-overflow READ 2 Crash state: ndpidomainclassifycontains ndpigetcustomcategorymatch ndpimatchhostsubprotocol...
OSV-2023-775 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61895 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...
OSV-2023-764 Heap-buffer-overflow in pim_pim_packet
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61854 Crash type: Heap-buffer-overflow READ 2 Crash state: pimpimpacket pimmain.c...
OSV-2023-758 Heap-double-free in bit_TV_to_utf8
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61818 Crash type: Heap-double-free Crash state: bitTVtoutf8 jsoncquote jsonheaderwriteprivate...
OSV-2023-756 Heap-buffer-overflow in rawspeed::DngDecoder::decodeMetaDataInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61800 Crash type: Heap-buffer-overflow READ 4 Crash state: rawspeed::DngDecoder::decodeMetaDataInternal rawspeed::RawDecoder::decodeMetaData...
Attacker can profitably trade with the pool
Lines of code Vulnerability details Impact The swap invariant used is unstable with large pool reserves locked. An attacker can generate a profit by trading with the pool, hurting Liquidity Providers. Proof of Concept To find some vulnerable configurations we fuzzed the swap function of the Prote...
OSV-2023-750 Security exception in org.antlr.v4.runtime.atn.PredictionContext.fromRuleContext
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61786 Crash type: Security exception Crash state: org.antlr.v4.runtime.atn.PredictionContext.fromRuleContext java.base/jdk.internal.misc.Unsafe.weakCompareAndSetInt java.base/jdk.internal.misc.Unsafe.getAndAddInt...
OSV-2023-748 Segv on unknown address in dwg_encode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61795 Crash type: Segv on unknown address Crash state: dwgencode llvmfuzz.c...
OSV-2023-747 Segv on unknown address in kh_get_ucl_hash_caseless_node
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61794 Crash type: Segv on unknown address Crash state: khgetuclhashcaselessnode uclhashsearch uclincludefilesingle...