afl-clang-fast

Linux Privilege EscalationCVE-2021-3156 > Exploiting heap-based buffer overflow in sudo for privilege escalation

Improper handling of escaped space leads to copying data pass null terminator, causing buffer overflow on the heap.

March 19, 2026 • nday

OthersCVE-2019-13288 > XPDF Infinite recursion & Null pointer dereference

CVE-2019-13288 breaks Xpdf’s invariant that the “object stream” referenced by a compressed object must be an uncompressed stream, because the fetch path doesn’t enforce that rule and a crafted xref can make the supposed object stream itself compressed, causing unbounded recursive fetching and a crash.

December 22, 2025 • nday