z1r00/fuzz_vuln

Releases0

Stars2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-29570 ↗	Apr 24, 2023Monday, 24 April 2023, 14:15	5.5 MEDIUM	—
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).
CVE-2023-29582 ↗	Apr 24, 2023Monday, 24 April 2023, 13:15	5.5 MEDIUM	—
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVE-2023-29583 ↗	Apr 24, 2023Monday, 24 April 2023, 13:15	5.5 MEDIUM	—
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVE-2023-29578 ↗	Apr 24, 2023Monday, 24 April 2023, 13:15	8.8 HIGH	—
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp.
CVE-2023-29579 ↗	Apr 24, 2023Monday, 24 April 2023, 13:15	5.5 MEDIUM	—
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVE-2023-29575 ↗	Apr 21, 2023Friday, 21 April 2023, 14:15	5.5 MEDIUM	—
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component.
CVE-2023-29584 ↗	Apr 14, 2023Friday, 14 April 2023, 12:15	8.8 HIGH	—
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.
CVE-2023-29569 ↗	Apr 14, 2023Friday, 14 April 2023, 12:15	5.5 MEDIUM	—
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).
CVE-2023-29573 ↗	Apr 13, 2023Thursday, 13 April 2023, 20:15	5.5 MEDIUM	—
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component.
CVE-2023-29581 ↗	Apr 12, 2023Wednesday, 12 April 2023, 16:15	5.5 MEDIUM	—
yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to be input validation before data reaches libyasm, or a sandbox in which the application runs.
CVE-2023-29571 ↗	Apr 12, 2023Wednesday, 12 April 2023, 15:15	5.5 MEDIUM	—
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).
CVE-2023-29580 ↗	Apr 12, 2023Wednesday, 12 April 2023, 13:15	5.5 MEDIUM	—
yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.
CVE-2023-29574 ↗	Apr 12, 2023Wednesday, 12 April 2023, 13:15	5.5 MEDIUM	—
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component.
CVE-2023-29576 ↗	Apr 11, 2023Tuesday, 11 April 2023, 21:15	5.5 MEDIUM	—
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.