diff --git a/cve-test-suite/cve-2018-11360.c b/cve-test-suite/cve-2018-11360.c
new file mode 100644
index 000000000..c7de11b10
--- /dev/null
+++ b/cve-test-suite/cve-2018-11360.c
@@ -0,0 +1,15 @@
+
+// CVE: CVE-2018-6836
+// This is a simplified code example based on CVE-2018-11360.
+
+void *malloc(unsigned long);
+void free(void *);
+
+void f(int size)
+{
+    char *ia5_string = malloc(size); // Hint: Off by one
+    for (int i = 0; i <= size; i++)
+        ia5_string[i]=0; // BUG
+    free(ia5_string);
+}
+
diff --git a/cve-test-suite/cve-2018-5334.c b/cve-test-suite/cve-2018-5334.c
new file mode 100644
index 000000000..82f3eff4a
--- /dev/null
+++ b/cve-test-suite/cve-2018-5334.c
@@ -0,0 +1,9 @@
+
+// CVE-2018-5334
+
+#define LEN  100
+
+void f(const int *m_ptr, int sig_off, int rec_size)
+{
+  if (m_ptr[sig_off] == 0xdd && (sig_off + 15 <= (rec_size - LEN))) {}
+}
diff --git a/cve-test-suite/cve-2018-6836.c b/cve-test-suite/cve-2018-6836.c
new file mode 100644
index 000000000..177199a2f
--- /dev/null
+++ b/cve-test-suite/cve-2018-6836.c
@@ -0,0 +1,28 @@
+
+void *malloc(unsigned long);
+void free(void *);
+
+struct comment {
+  int *p;
+};
+
+struct table {
+  struct comment *p;
+};
+
+void delete_table(struct table *t)
+{
+    free(t->p->p);
+    free(t->p);
+    free(t);
+}
+
+void f()
+{
+    struct table *t = (struct table *)malloc(sizeof(struct table));
+    struct comment *comment_rec = (struct comment *)malloc(sizeof(struct comment));
+    t->p = comment_rec;
+    delete_table(t);
+}
+
+