GHSA-V7G2-M8C5-MF84 ImageMagick: Memory allocation with excessive without limits in the internal SVG decoder

A crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Found via AFL++ fuzzing with afl-clang-lto instrumentation and AddressSanitizer...

Monero: Reported RPC Overflow

A stack buffer overflow was reported in the Monero RPC server. Specifically, on line 1291 of the corerpcserver.cpp file, an overflow could occur if the size of the b.data did not match the size of the crypto::keyimage. Additionally, a missing return statement was found following line 1289. The...

PT-2025-19688 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: libdwg affected versions not specified Description: The software is susceptible to an index-out-of-bounds issue discovered through OSS-Fuzz testing. The crash occurs during the processing of .dwg files, specifically within the dwg decode eed,...

CVE-2022-24668

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...

Microsoft MsMpEng - Multiple Crashes While Scanning Malformed Files Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1261 A detailed introduction to MsMpEng can be found in issue 1252 , so I will skip the background story here. Through fuzzing, we have discovered a number of ways to crash the...

Monkey HTTPD 1.1.1 - Denial of Service Vulnerability

Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...