1390 matches found
PT-2023-36021 · Git +1 · Icu
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN WRITE. The crash state involves the icu 74::Calendar::set function, as indicated by the calendar fuzzer.c...
WPAxFuzz - A Full-Featured Open-Source Wi-Fi Fuzzer
This tool is capable of fuzzing either any management, control or data frame of the 802.11 protocol or the SAE exchange. For the management, control or data frames, you can choose either the "standard" mode where all of the frames transmitted have valid size values or the "random" mode where the...
CVE-2023-37454
An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udfputsuper and udfcloselvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this...
ASB-A-275041864
In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Firefly - Black Box Fuzzer For Web Applications
Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. Note: Firefly is in a very new stage v1.0 but works well for now, if the target does n...
PT-2025-49491
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-syzkaller-12049-g58390c8ce1bd Description The Linux kernel usbtmc driver had a flaw where it did not check the direction of 0-length ioctl control messages. This could lead to issues when a user submits an...
Fuzztruction - Prototype Of A Fuzzer That Does Not Directly Mutate Inputs (As Most Fuzzers Do) But Instead Uses A So-Called Generator Application To Produce An Input For Our Fuzzing Target
Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs as most fuzzers do but instead uses a so-called generator application to produce an input for our fuzzing target. As programs generating data usually produce the correct representation, our fuzzer mutates the...
SUSE CVE-2021-45940
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow 4 bytes in bpfobjectopen called from bpfobjectopenmem and bpf-object-fuzzer.c...
wolfSSL 5.5.0 Session Resumption Denial Of Service Vulnerability
wolfSSL versions prior to 5.5.0 suffer from a denial of service condition related to session resumption. When a TLS 1.3 client connects to a wolfSSL server and SSLclear is called on its session, the server crashes with a segmentation fault. The bug occurs after a client performs a handshake again...
Solaris 10 dtprintinfo / libXm / libXpm Security Issues
-- HNS-2022-01 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm Products: Common Desktop Environment 1.6, Motif 2.1, X.Org libXpm Date: 2023-01-18 Oracle vulnerability tracking numbers: S1597707 - Arbitrary printer...
PT-2022-36814 · Git +1 · Kimageformats
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-use-after-free READ 3 crash has been reported. The crash occurs in the HEIFHandler::ensureDecoder and HEIFHandler::read functions, as seen in the...
ASB-A-239210579
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
protobuf-java: potential DoS in the parsing procedure for binary data
A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of...
CATS - REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints
REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort! Comprehensive : tests are generated automatically based on a large number scenarios and cover every field and header Intelligent : tests are generated based on data types and...
PT-2022-37269 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-double-free crash. The crash occurs in the flb sds destroy function, which is called by flb parser conf file in the config...
PT-2022-37179 · Net Snmp · Net-Snmp
Name of the Vulnerable Software and Affected Versions: netsnmp affected versions not specified Description: The issue is related to a heap-buffer-overflow read. Technical details include the netsnmp memdup function and the file snmp api fuzzer.c. Recommendations: At the moment, there is no...
protobuf-java: potential DoS in the parsing procedure for binary data
A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of...
Fedora: Security Advisory for golang-github-liamg-scout (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: golang-github-liamg-scout-0.15.1-5.fc36
A lightweight URL fuzzer and spider: Discover a web server's undisclosed file s, directories and VHOSTs...
[SECURITY] Fedora 36 Update: ffuf-1.0.2-7.fc36
Fast web fuzzer written in Go...