70 matches found
suricata:fuzz_sigpcap: Heap-buffer-overflow in DefragInsertFrag
Project: https://github.com/OISF/suricata.git Detailed Report: https://oss-fuzz.com/testcase?key=5128911659991040 Project: suricata Fuzzing Engine: libFuzzer Fuzz Target: fuzzsigpcap Job Type: libfuzzerasansuricata Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...
llvm:llvm-opt-fuzzer--x86_64-loop_vectorize: Use-of-uninitialized-value in llvm::APInt::operator==
Detailed Report: https://oss-fuzz.com/testcase?key=5688234652991488 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: llvm-opt-fuzzer--x8664-loopvectorize Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: llvm::APInt::operator==...
Trend Micro Security (Consumer) Arbitrary Code Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.trendmicro.com Products Trend Micro Security...
llvm:clang-objc-fuzzer: Use-of-uninitialized-value in clang::tok::isAnnotation
Detailed Report: https://oss-fuzz.com/testcase?key=5642424365350912 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-objc-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: clang::tok::isAnnotation...
radare2:ia_fuzz: Heap-buffer-overflow in walk_exports
Project: https://github.com/radare/radare2.git Detailed Report: https://oss-fuzz.com/testcase?key=5767342952284160 Project: radare2 Fuzzing Engine: libFuzzer Fuzz Target: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address: 0x602000036837...
ffmpeg/ffmpeg_AV_CODEC_ID_AGM_fuzzer: Stack-buffer-overflow in get_tree_codes
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5745747003179008 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDAGMfuzzer Fuzz target binary: ffmpegAVCODECIDAGMfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow...
harfbuzz/hb-shape-fuzzer: Heap-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short
Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5688420752424960 Project: harfbuzz Fuzzer: libFuzzerharfbuzzhb-shape-fuzzer Fuzz target binary: hb-shape-fuzzer Job Type: libfuzzerasanharfbuzz Platform Id: linux Crash Type: Heap-buffer-overflow...
poppler/pdf_fuzzer: Use-of-uninitialized-value in JBIG2Bitmap::getPixelPtr
Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5159163985395712 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type:...
EasyService Billing 1.0 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications history.pushState'', '', '/' form action="http://test.com/EasyServiceBilling/quotation-new3-new2.php?add=true&id=139" method="P...
Easy Hosting Control Panel 0.37.12.b Unverified Password Change
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-UNVERIFIED-PASSWORD-CHANGE.txt + ISR: Apparition Security Greetz: indoushka|Eduardo|Dirty0tis Vendor: ============= www.ehcp.net Product: =========== Easy Hosting Control...
graphicsmagick/coder_DPX_fuzzer: Use-of-uninitialized-value in WriteDPXImage
Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5116678160515072 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderDPXfuzzer Fuzz target binary: coderDPXfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...
imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::parse_tiff_ifd
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6488155063582720 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...
curl/curl_fuzzer_rtsp: Heap-buffer-overflow in rtsp_rtp_readwrite
Project: https://github.com/curl/curl.git Detailed report: https://oss-fuzz.com/testcase?key=6722246199476224 Project: curl Fuzzer: aflcurlfuzzerrtsp Fuzz target binary: curlfuzzerrtsp Job Type: aflasancurl Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x629000009214...
graphicsmagick/coder_VIFF_fuzzer: Use-of-uninitialized-value in ThresholdImage
Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=4975558724157440 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderVIFFfuzzer Fuzz target binary: coderVIFFfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...
imagemagick/encoder_psd_fuzzer: Use-of-uninitialized-value in ScaleQuantumToShort
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5934130886868992 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderpsdfuzzer Fuzz target binary: encoderpsdfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...
imagemagick/encoder_pcds_fuzzer: Use-of-uninitialized-value in ClampPixel
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5687013954027520 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderpcdsfuzzer Fuzz target binary: encoderpcdsfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...
Photo Vault v1.2 iOS - Insecure Authentication Vulnerability
Document Title: =============== Photo Vault v1.2 iOS - Insecure Authentication Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2110 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20371 CVE-ID: ======= CVE-2018-20371 Release Date:...
dlplibs/lrffuzzer: Index-out-of-bounds in offsetTOCLookupFn
Detailed report: https://oss-fuzz.com/testcase?key=6333949702832128 Project: dlplibs Fuzzer: libFuzzerdlplibslrffuzzer Fuzz target binary: lrffuzzer Job Type: libfuzzerubsandlplibs Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: offsetTOCLookupFn doLoadFromCommonDat...
Microsoft Windows MSC XXE Data Exfiltration Vulnerability
Document Title: =============== Microsoft Windows MSC XXE Data Exfiltration Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2095 Video: https://www.youtube.com/watch?v=GmaNKZ0h3Yc Advisory: https://www.vulnerability-lab.com/getcontent.php?id=2094 Release...
gdal: Heap-buffer-overflow in RPFTOCReadFromBuffer
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=6377067262246912 Project: gdal Fuzzer: libFuzzergdalfilesystemfuzzer Fuzz target binary: gdalfilesystemfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash...