OSV-2020-1165 Global-buffer-overflow in parse_headers

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14154 Crash type: Global-buffer-overflow READ 4 Crash state: parseheaders parsehttprequest fuzzparsehttprequest...

OSV-2020-855 Use-of-uninitialized-value in read_uleb128

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6402 Crash type: Use-of-uninitialized-value Crash state: readuleb128 dexparse dexload...

Huawei Data Communication: Read and parse display mpls rsvp-te interface

Get mpls rsvp-te interface configuration of the VRP device. Please set screen-length of user-interface to 0, otherwise not all configurations are returned. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might b...

Huawei Data Communication: Read and parse display mpls ldp session verbose

Get mpls ldp session configuration of the VRP device. Please set screen-length of user-interface to 0, otherwise not all configurations are returned. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be...

CVE-2020-12425

Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...

gettext: double free in default_add_message in read-catalog.c

An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read-catalog.c, related to an invalid free in pogramparse in po-gram-gen.y, as demonstrated by lt-msgfmt...

UBUNTU-CVE-2020-15570

The parsereport function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file...

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2020-44565)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A buffer overflow vulnerability exists in Date.parse in versions prior to Mozilla Firefox 78. An attacker can exploit this vulnerability to obtain sensitive information...

Ntop nDPI Buffer Overflow Vulnerability (CNVD-2020-36698)

Ntop nDPI is an open source library for deep packet inspection from Ntop Italy. A buffer overflow vulnerability exists in the ndpiparsepacketlineinfo in the lib/ndpimain.c file in Ntop nDPI 3.2 and earlier versions. The vulnerability stems from a network system or product performing operations in...

DEBIAN-CVE-2020-15471

In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpiparsepacketlineinfo in lib/ndpimain.c...

OSV-2020-605 Global-buffer-overflow in parse_headers

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14232 Crash type: Global-buffer-overflow READ 4 Crash state: parseheaders parsehttprequest fuzzparsehttprequest...

OSV-2020-394 Global-buffer-overflow in parse_headers

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14529 Crash type: Global-buffer-overflow WRITE 8 Crash state: parseheaders parsehttprequest fuzzparsehttprequest...

OSV-2020-373 UNKNOWN READ in url_decode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14501 Crash type: UNKNOWN READ Crash state: urldecode parsekeyvalues fuzzparsehttprequest...

OSV-2020-328 UNKNOWN READ in dotnet_parse_tilde_2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16448 Crash type: UNKNOWN READ Crash state: dotnetparsetilde2 dotnetparsetilde dotnetparsecom...

PT-2020-14438

Name of the Vulnerable Software and Affected Versions nDPI versions prior to 3.2 Description The packet parsing code in nDPI is susceptible to a heap-based buffer over-read issue, specifically within the ndpi parse packet line info function located in lib/ndpi main.c. Recommendations For versions...

UBUNTU-CVE-2020-12425

Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...

OSV-2020-279 Global-buffer-overflow in lex_multiline_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18562 Crash type: Global-buffer-overflow READ 3 Crash state: lexmultilinestring lexnext parsekeyvalue...

CVE-2020-15365

LibRaw before 0.20-Beta3 has an out-of-bounds write in parseexif in metadata\exifgps.cpp via an unrecognized AtomName and a zero value of tiffnifds...

UBUNTU-CVE-2020-15365

LibRaw before 0.20-Beta3 has an out-of-bounds write in parseexif in metadata\exifgps.cpp via an unrecognized AtomName and a zero value of tiffnifds...

OSV-2020-146 Heap-buffer-overflow in Json::OurReader::parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21916 Crash type: Heap-buffer-overflow READ 1 Crash state: Json::OurReader::parse Json::OurCharReader::parse fuzz.cpp...