Skip to content
/ security_advisories Public

A repository for archiving my vulnerability discoveries.

17 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ChijinZ/security_advisories

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
PDFgen-206ef1b
PDFgen-206ef1b
 
 
PostgreSQL
PostgreSQL
 
 
ReadStat-7bced5b
ReadStat-7bced5b
 
 
go-v1.14.4-archive-tar
go-v1.14.4-archive-tar
 
 
libconfig-f53e5de
libconfig-f53e5de
 
 
libjpeg-v9a
libjpeg-v9a
 
 
libjpeg-v9c
libjpeg-v9c
 
 
libucl-230f197
libucl-230f197
 
 
lldb.rs
lldb.rs
 
 
md4c-387bd02
md4c-387bd02
 
 
md4c-81e2a5c
md4c-81e2a5c
 
 
md4c-e0002e2
md4c-e0002e2
 
 
miniz-2.0.8
miniz-2.0.8
 
 
others
others
 
 
pdffigures
pdffigures
 
 
tinyexr_16aba30
tinyexr_16aba30
 
 
tinyexr_65f9859
tinyexr_65f9859
 
 
tinyexr_6fd0c1f
tinyexr_6fd0c1f
 
 
tinyexr_7953aea
tinyexr_7953aea
 
 
tinyexr_b53a457
tinyexr_b53a457
 
 
webkitgtk-2.32.3
webkitgtk-2.32.3
 
 
webkitgtk-2.36.0
webkitgtk-2.36.0
 
 
.gitignore
.gitignore
 
 
readme.md
readme.md
 
 

Repository files navigation

Overview

Kubernetes

  • CVE-2020-8560 (to be disclosed; $200 bounty)
  • CVE-2020-8556 (to be disclosed; $1000 bounty)

Go/archive/tar

  • out-of-range panic in strconv.go:269

postgresSQL

  • Buffer overflow when continuously send SIGHUP to postgres

libjpeg-v9c

  • CVE-2018-11813 (with acknowledgement in official website)

libucl-230f197

  • Assertion Failure in ucl_msgpack.c:845

libjpeg-v9a

  • CVE-2018-11212
  • CVE-2018-11213
  • CVE-2018-11214

md4c-81e2a5c

  • CVE-2018-11536
  • Heap buffer overflow in md_process_inlines()

md4c-387bd02

  • CVE-2018-11547
  • CVE-2018-11546
  • CVE-2018-11545

pdffigures

  • SEGV in TextUtils.cpp:157

PDFgen-206ef1b

  • CVE-2018-11363

ReadStat-7bced5b

  • CVE-2018-11364

tinyexr_7953aea

  • CVE-2018-12064

tinyexr_6fd0c1f

  • CVE-2018-12093
  • CVE-2018-12092

tinyexr_b53a457

  • CVE-2018-12504
  • CVE-2018-12503

tinyexr_16aba30

  • CVE-2018-12688
  • CVE-2018-12687

lldb.rs

  • SIGSEGV in frame.rs:153

miniz-2.0.8

  • Infinite loop in miniz_tester.cpp:652

tinyexr_65f9859

  • CVE-2018-20652 (duplicated)
  • CVE-2018-12503 (duplicated)
  • CVE-2020-18430
  • CVE-2020-18428

libconfig-f53e5de

  • Undefined behavior in config_setting_set_string (libconfig.c:1178)
  • Undefined behavior in __config_name_compare (libconfig.c:134)

About

A repository for archiving my vulnerability discoveries.

Resources

Readme
Activity

Stars

17 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages