1495 matches found
OSV-2020-1479 Segv on unknown address in clang::Preprocessor::AnnotatePreviousCachedTokens
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19064 Crash type: Segv on unknown address Crash state: clang::Preprocessor::AnnotatePreviousCachedTokens clang::Parser::TryAnnotateTypeOrScopeTokenAfterScopeSpec clang::Parser::TryAnnotateTypeOrScopeToken...
OSV-2020-1461 Heap-buffer-overflow in yr_object_set_string
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6402 Crash type: Heap-buffer-overflow READ 6 Crash state: yrobjectsetstring dexparse dexload...
OSV-2020-1459 Segv on unknown address in clang::Sema::LookupQualifiedName
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19181 Crash type: Segv on unknown address Crash state: clang::Sema::LookupQualifiedName clang::Sema::CppLookupName clang::Sema::LookupName...
OSV-2020-1457 Segv on unknown address in llvm::APInt::udiv
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19180 Crash type: Segv on unknown address Crash state: llvm::APInt::udiv ComplexExprEvaluator::VisitBinaryOperator clang::StmtVisitorBase::Visit...
OSV-2020-1452 Heap-buffer-overflow in yr_object_set_string
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6402 Crash type: Heap-buffer-overflow READ 12 Crash state: yrobjectsetstring dexparse dexload...
OSV-2020-1442 Segv on unknown address in clang::CXXRecordDecl::data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19228 Crash type: Segv on unknown address Crash state: clang::CXXRecordDecl::data getDefaultInitValue EvaluateVarDecl...
OSV-2020-1425 Use-of-uninitialized-value in dotnet_parse_com
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8901 Crash type: Use-of-uninitialized-value Crash state: dotnetparsecom dotnetload yrmodulesload...
OSV-2020-1416 Segv on unknown address in clang::Decl::AccessDeclContextSanity
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19117 Crash type: Segv on unknown address Crash state: clang::Decl::AccessDeclContextSanity LookupDirect clang::Sema::LookupQualifiedName...
OSV-2020-1413 Segv on unknown address in clang::Decl::AccessDeclContextSanity
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19071 Crash type: Segv on unknown address Crash state: clang::Decl::AccessDeclContextSanity clang::Sema::SetMemberAccessSpecifier clang::Sema::ActOnTag...
OSV-2020-1403 Use-of-uninitialized-value in put_weighted_pred_8_fallback
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22101 Crash type: Use-of-uninitialized-value Crash state: putweightedpred8fallback accelerationfunctions::putweightedpred generateinterpredictionsamples...
OSV-2020-1402 Heap-buffer-overflow in yr_object_set_string
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6402 Crash type: Heap-buffer-overflow READ Crash state: yrobjectsetstring dexparse dexload...
OSV-2020-1398 Heap-buffer-overflow in yr_object_set_string
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6402 Crash type: Heap-buffer-overflow READ 14 Crash state: yrobjectsetstring dexparse dexload...
OSV-2020-1384 Segv on unknown address in llvm::llvm_unreachable_internal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19652 Crash type: Segv on unknown address Crash state: llvm::llvmunreachableinternal clang::operator clang::Sema::SetMemberAccessSpecifier...
OSV-2020-1383 Container-overflow in grk::T2Decode::read_packet_header
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24427 Crash type: Container-overflow READ 8 Crash state: grk::T2Decode::readpacketheader grk::T2Decode::decodepacket grk::T2Decode::decodepackets...
OSV-2020-1185 Global-buffer-overflow in kencodingprober::nsCodingStateMachine::NextState
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12919 Crash type: Global-buffer-overflow READ 4 Crash state: kencodingprober::nsCodingStateMachine::NextState kencodingprober::nsEscCharSetProber::HandleData kencodingprober::nsUniversalDetector::HandleData...
OSV-2020-895 Heap-buffer-overflow in rasteropGeneralLow
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24030 Crash type: Heap-buffer-overflow READ 4 Crash state: rasteropGeneralLow rasteropLow pixRasterop...
OSV-2020-519 Use-of-uninitialized-value in MOS65XX_group_name
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15112 Crash type: Use-of-uninitialized-value Crash state: MOS65XXgroupname csgroupname fuzzdisasm.c...
OSV-2020-354 UNKNOWN READ in ot::Ip6::NetifUnicastAddress::GetNext
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13409 Crash type: UNKNOWN READ Crash state: ot::Ip6::NetifUnicastAddress::GetNext ot::Ip6::Netif::RemoveUnicastAddress ot::Mle::Mle::SetStateDetached...
OSV-2020-125 Negative-size-param in parquet::PlainByteArrayDecoder::DecodeArrowDense
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20669 Crash type: Negative-size-param Crash state: parquet::PlainByteArrayDecoder::DecodeArrowDense parquet::PlainByteArrayDecoder::DecodeArrow parquet::internal::ByteArrayChunkedRecordReader::ReadValuesSpaced...
Arbitrary Code Execution
mosc is vulnerable to arbitrary code execution. Untrusted user input to the properties argument is passed to the eval function without validation, allowing an attacker to execute arbitrary code...