Exploit for Heap-based Buffer Overflow in Google Android

This is a PoC exploit for CVE-2020-8899, a memory corruption vulnerability in the Samsung Qmage codec. The exploit targets a Samsung Galaxy Note 10+ phone running Android 10 via MMS. The exploit code is written in Python and requires the following software to be locally installed: Python 3, Netwi...

curl: Heap Buffer Overflow (READ of size 1) in ourWriteOut

Summary: Whilst fuzzing the curl command line tool built from commit 779b415 with AFL, ASAN and libdislocator, a heap buffer overflow was triggered when a crafted curl configuration file was loaded. Steps To Reproduce: echo "LXdAAAou" | base64 -d test0070.conf ./curl -q -K test0070.conf...

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in scFindExtrema4 A heap corruption was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType, implemented in a proprietary t2k library...