CVE/CNVD list

8/14/2024 gandalf

报告记录&poc：

最近fuzz出了不少crash，提交记录git：
https://github.com/gandalf4a/crash_report

其中CVE记录如下: （不定期持续更新）

2024

CVE-2024-47814： VIM use-after-free when closing buffers in Vim < 9.1.0764

https://www.openwall.com/lists/oss-security/2024/10/06/1

CVE-2024-40784: Apple ImageI/O 整数溢出

https://support.apple.com/en-us/120909

CVE-2024-29489：jerryscript-project SEGV

https://github.com/advisories/GHSA-pq5r-rp8m-p9vh

2023

CVE-2023-48706：VIM heap-use-after-free in ex_substitute in Vim < v9.0.2121

https://www.openwall.com/lists/oss-security/2023/11/22/3

CVE-2023-5686：radare2 heap-buffer-overflow

https://huntr.com/bounties/bbfe1f76-8fa1-4a8c-909d-65b16e970be0

CVE-2023-47016： radare2 heap-buffer-overflow2

https://github.com/advisories/GHSA-xqp4-mm4v-p6r4

CVE-2023-46569：radare2 global-buffer-overflow

https://github.com/advisories/GHSA-37gv-9q37-8946

CVE-2023-46570：radare2 global-buffer-overflow2

https://github.com/advisories/GHSA-hf28-wjr8-2h5p

CVE-2023-5595： gpac 3 SEGV

https://huntr.com/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e

2022

CNVD-2022-67502：ludashi命令执行

fuzz / Vulnerability

0 评论:

发表评论

订阅：博文评论 (Atom)