diff --git a/projects/brotli-java/build.sh b/projects/brotli-java/build.sh
index 28a20c6b93aa..6e39c0d62d15 100755
--- a/projects/brotli-java/build.sh
+++ b/projects/brotli-java/build.sh
@@ -20,7 +20,7 @@ sed -i 's/1.6 pkg/validation/policy/registerfuzzdep.go
+cp $SRC/fuzz_policy_test.go $SRC/kyverno/pkg/validation/policy/
+go mod tidy
+
+compile_native_go_fuzzer github.com/kyverno/kyverno/pkg/validation/policy FuzzValidatePolicy FuzzValidatePolicy
diff --git a/projects/kyverno/fuzz_policy_test.go b/projects/kyverno/fuzz_policy_test.go
new file mode 100644
index 000000000000..46aadb0bb15d
--- /dev/null
+++ b/projects/kyverno/fuzz_policy_test.go
@@ -0,0 +1,45 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package policy
+
+import (
+ "github.com/go-logr/logr"
+ kyverno "github.com/kyverno/kyverno/api/kyverno/v1"
+ "github.com/kyverno/kyverno/pkg/openapi"
+ "testing"
+
+ fuzz "github.com/AdamKorcz/go-fuzz-headers-1"
+)
+
+var fuzzOpenApiManager openapi.Manager
+
+func init() {
+ var err error
+ fuzzOpenApiManager, err = openapi.NewManager(logr.Discard())
+ if err != nil {
+ panic(err)
+ }
+}
+
+func FuzzValidatePolicy(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ ff := fuzz.NewConsumer(data)
+ p := &kyverno.ClusterPolicy{}
+ ff.GenerateStruct(p)
+
+ Validate(p, nil, nil, true, fuzzOpenApiManager, "admin")
+ })
+}
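Review bot: The error returned by `ff.GenerateStruct(p)` is dropped, so when the consumer runs out of input bytes the harness still calls `Validate` with a partially populated `ClusterPolicy`; go-fuzz-headers reports that case through the error, and the usual harness shape is `if err := ff.GenerateStruct(p); err != nil { return }` so those iterations neither waste cycles nor produce low-value crashes. The return values of `Validate` are discarded, which is fine for a crash-finding harness but deserves a one-line comment such as `// Only panics and hangs are of interest; the validation verdict itself is ignored.` so nobody later "fixes" it into an assertion. `"testing"` sits among the third-party imports, where goimports would move it into its own standard-library group, and `fuzzOpenApiManager` would read `fuzzOpenAPIManager` under Go's initialism convention.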
diff --git a/projects/kyverno/project.yaml b/projects/kyverno/project.yaml
new file mode 100644
index 000000000000..a838a6dc0b84
--- /dev/null
+++ b/projects/kyverno/project.yaml
@@ -0,0 +1,10 @@
+homepage: "https://www.kyverno.io"
+main_repo: "https://github.com/kyverno/kyverno"
+primary_contact: "chipzoller@gmail.com"
+auto_ccs :
+ - "adam@adalogics.com"
+language: go
+fuzzing_engines:
+ - libfuzzer
+sanitizers:
+ - address
diff --git a/projects/mp4san/Dockerfile b/projects/mp4san/Dockerfile
new file mode 100644
index 000000000000..73caa7bd302f
--- /dev/null
+++ b/projects/mp4san/Dockerfile
@@ -0,0 +1,20 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM gcr.io/oss-fuzz-base/base-builder-rust
+
+RUN git clone --depth 1 https://github.com/privacyresearchgroup/mp4san mp4san
+WORKDIR mp4san
+
+COPY build.sh $SRC/
diff --git a/projects/mp4san/build.sh b/projects/mp4san/build.sh
new file mode 100644
index 000000000000..41533cdd0dc8
--- /dev/null
+++ b/projects/mp4san/build.sh
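Review bot: `auto_ccs :` carries a space before the colon, which YAML tolerates (trailing whitespace is not part of a plain scalar) but every other key in this file is written `key:`; write `auto_ccs:` so the file is consistent and does not trip stricter YAML linters. The rest of the new project.yaml mirrors the other Go projects in the tree.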
@@ -0,0 +1,29 @@
+#!/bin/bash -eu
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+PROJECT_DIR=$SRC/mp4san
+FUZZ_DIR=$PROJECT_DIR/mp4san/fuzz
+cd $FUZZ_DIR && cargo fuzz build -O --debug-assertions
+
+FUZZ_INPUT_DIR=$FUZZ_DIR/input
+
+FUZZ_TARGET_OUTPUT_DIR=$FUZZ_DIR/target/x86_64-unknown-linux-gnu/release/
+for fuzz_target in $FUZZ_DIR/fuzz_targets/*.rs
+do
+ FUZZ_TARGET_NAME=$(basename ${fuzz_target%.*})
+ cp $FUZZ_TARGET_OUTPUT_DIR/$FUZZ_TARGET_NAME $OUT/
+ cp $FUZZ_DIR/mp4.dict $OUT/$FUZZ_TARGET_NAME.dict
+ zip -jr $OUT/${FUZZ_TARGET_NAME}_seed_corpus.zip $FUZZ_INPUT_DIR/
+done
diff --git a/projects/mp4san/project.yaml b/projects/mp4san/project.yaml
new file mode 100644
index 000000000000..d3302682770e
--- /dev/null
+++ b/projects/mp4san/project.yaml
@@ -0,0 +1,10 @@
+homepage: "https://github.com/privacyresearchgroup/mp4san"
+language: rust
+primary_contact: "usual.beach5937@jessacake.com"
+main_repo: "https://github.com/privacyresearchgroup/mp4san"
+vendor_ccs:
+ - "security@signal.org"
+sanitizers:
+ - address
+fuzzing_engines:
+ - libfuzzer
diff --git a/projects/powerdns/build.sh b/projects/powerdns/build.sh
index 36c2b38d674a..67829ff3b93e 100644
--- a/projects/powerdns/build.sh
+++ b/projects/powerdns/build.sh
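Review bot: `cd $FUZZ_DIR && cargo fuzz build -O --debug-assertions` weakens the `-eu` shebang, because a failing command inside an `&&` list does not abort the script; a bad `FUZZ_DIR` would let the build continue in the wrong directory until a later `cp` fails with a less obvious message. Splitting it into `cd "$FUZZ_DIR"` on its own line followed by `cargo fuzz build -O --debug-assertions` restores fail-fast behaviour. `FUZZ_TARGET_OUTPUT_DIR` hard-codes the `x86_64-unknown-linux-gnu` triple, which is fine while this project only builds for x86_64 but will need a rewrite if another architecture is ever enabled in project.yaml, so a short comment stating that assumption would help the next maintainer. The unquoted `$FUZZ_DIR`, `$OUT` and `$fuzz_target` expansions are harmless under OSS-Fuzz's fixed paths but are what shellcheck would flag first.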
@@ -34,6 +34,7 @@ autoreconf -vi
 --enable-fuzz-targets \
 --disable-dependency-tracking \
 --disable-silent-rules || /bin/bash
+make -j$(nproc) -C ext/arc4random/
 make -j$(nproc) -C ext/yahttp/
 cd pdns
 make -j$(nproc) fuzz_targets
diff --git a/projects/quic-go/.gitignore b/projects/quic-go/.gitignore
new file mode 100644
index 000000000000..5097400ec160
--- /dev/null
+++ b/projects/quic-go/.gitignore
@@ -0,0 +1 @@
+oss-fuzz.sh
diff --git a/projects/quic-go/Dockerfile b/projects/quic-go/Dockerfile
index d0df733af537..6c29e13276e4 100644
--- a/projects/quic-go/Dockerfile
+++ b/projects/quic-go/Dockerfile
@@ -16,9 +16,14 @@
 
 FROM gcr.io/oss-fuzz-base/base-builder-go
 
-RUN git clone --depth 1 https://github.com/quic-go/qpack/
-RUN git clone --depth 1 https://github.com/quic-go/quic-go/
+RUN git clone --depth 1 https://github.com/quic-go/qpack/ $GOPATH/src/github.com/quic-go/qpack
+RUN git clone --depth 1 https://github.com/quic-go/quic-go/ $GOPATH/src/github.com/quic-go/quic-go
 
-RUN cp quic-go/oss-fuzz.sh build.sh
-# Enable this for easier local testing / repro
-# COPY build.sh .
+RUN cp $GOPATH/src/github.com/quic-go/quic-go/oss-fuzz.sh $SRC/build.sh
+# Local testing:
+# 1. copy oss-fuzz.sh from quic-go repo to projects/quic-go
+# 2. uncomment this line
+# 3. run infra/helper.py build_image quic-go
+# COPY oss-fuzz.sh $SRC/build.sh
+
+RUN chmod +x $SRC/build.sh
diff --git a/projects/rabbitmq-c/build.sh b/projects/rabbitmq-c/build.sh
index fc508953751c..bffa6f46fe49 100644
--- a/projects/rabbitmq-c/build.sh
+++ b/projects/rabbitmq-c/build.sh
@@ -26,7 +26,9 @@ cmake \
 
 make -j$(nproc)
 
-cp fuzz/fuzz_url $OUT/fuzz_url
+if [ "$SANITIZER" != "undefined" ]; then
+ cp fuzz/fuzz_url $OUT/fuzz_url
+fi
 cp fuzz/fuzz_table $OUT/fuzz_table
 cp fuzz/fuzz_server $OUT/fuzz_server
 popd
diff --git a/projects/rabbitmq-c/project.yaml b/projects/rabbitmq-c/project.yaml
index c3c4095dc174..e1c62f284d72 100644
--- a/projects/rabbitmq-c/project.yaml
+++ b/projects/rabbitmq-c/project.yaml
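Review bot: The new guard in rabbitmq-c/build.sh drops `fuzz_url` from the UBSan build without saying why, so a reader cannot tell whether the target fails to build under `-fsanitize=undefined` or whether it has known undefined behaviour that is being kept away from the sanitizer; in the second case URL parsing becomes the one code path the UBSan job never exercises, which is exactly where a reviewer would want coverage. Record the reason next to the condition, e.g. `# fuzz_url is not shipped for UBSan: <reason or upstream issue placeholder>`, and if the binary does build, consider shipping it and tracking the known finding instead of excluding it. The `pushd` that the visible `popd` closes appears to lie outside the hunk.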
@@ -9,4 +9,6 @@ fuzzing_engines:
 - honggfuzz
 sanitizers:
 - address
+ - memory
+ - undefined
 main_repo: 'https://github.com/alanxz/rabbitmq-c'
diff --git a/projects/spring-cloud-config/Dockerfile b/projects/spring-cloud-config/Dockerfile
index 4d92ab9f69c7..c0aff80d375e 100644
--- a/projects/spring-cloud-config/Dockerfile
+++ b/projects/spring-cloud-config/Dockerfile
@@ -20,6 +20,10 @@ RUN curl -L https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-
 unzip maven.zip -d $SRC/maven-3.6.3 && \
 rm -rf maven.zip
 
+RUN curl -L https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.7%2B7/OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz -o jdk.tar.gz && \
+tar xvf jdk.tar.gz && \
+rm -rf jdk.tar.gz
+
 ENV MVN $SRC/maven-3.6.3/apache-maven-3.6.3/bin/mvn
 
 WORKDIR ${SRC}
diff --git a/projects/spring-cloud-config/build.sh b/projects/spring-cloud-config/build.sh
index 2395b7df8125..8710b1926e31 100644
--- a/projects/spring-cloud-config/build.sh
+++ b/projects/spring-cloud-config/build.sh
@@ -15,8 +15,8 @@
 #
 ################################################################################
 
-apt-get update && apt-get install -y openjdk-17-jdk-headless
-export JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64"
+cp -r $SRC/jdk-17.0.7+7 $OUT/jdk
+export JAVA_HOME="$OUT/jdk"
 
 MVN_FLAGS="-Dmaven.compiler.source=17 -Dmaven.compiler.target=17 -DskipTests"
 ALL_JARS=""
@@ -74,11 +74,8 @@ for fuzzer in $(find ${SRC} -name '*Fuzzer.java'); do
 
 echo "#!/bin/sh
 # LLVMFuzzerTestOneInput Magic String required for infra/base-image/test_all.py. DO NOT REMOVE
-# We need java-17.
-apt-get update && apt-get install -y openjdk-17-jdk-headless
-
 this_dir=\$(dirname \"\$0\")
-JAVA_HOME=\"/usr/lib/jvm/java-17-openjdk-amd64\" \
+JAVA_HOME=\$this_dir/jdk \
 LD_LIBRARY_PATH=\"\$JAVA_HOME/lib/server\":\$this_dir \
 \$this_dir/jazzer_driver --agent_path=\$this_dir/jazzer_agent_deploy.jar \
 --cp=${RUNTIME_CLASSPATH} \
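Review bot: `memory` is enabled here while the companion rabbitmq-c/build.sh change only special-cases `$SANITIZER == undefined`; MSan needs every linked library to be instrumented, so if the fuzzers link dependencies from the base image (OpenSSL is the usual one for this project) the memory job will either fail to build or report uninitialised-read false positives that cost triage time. It is worth confirming that `infra/helper.py build_fuzzers --sanitizer memory rabbitmq-c` completes before merging and, if it does not, either leaving `memory` out or building those dependencies from source under the same flags.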
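Review bot: The JDK tarball is fetched with `curl -L` from a GitHub release and unpacked with no integrity check, replacing an apt package whose signature the package manager verified; the image build now trusts whatever bytes arrive over that download, and the resulting JDK is later copied into `$OUT` and used to run every fuzzer. Adoptium publishes a SHA-256 for each release asset, so add `echo "<EXPECTED_SHA256 placeholder>  jdk.tar.gz" | sha256sum -c - && \` between the download and `tar xvf`, and pass `-f` to curl so an HTTP error page is not silently written to jdk.tar.gz and fed to tar. The identical download appears in the spring-cloud-netflix Dockerfile hunk below and needs the same treatment.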
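Review bot: `cp -r $SRC/jdk-17.0.7+7 $OUT/jdk` hard-codes the directory name produced by the tarball the Dockerfile downloads, so bumping the JDK version in one file silently breaks the other with a `cp: cannot stat` error at build time. Keep a single source of truth, either by exporting the directory name from the Dockerfile (an `ENV` such as `JDK_DIR` that both the URL and this line reference) or by globbing it here as `cp -r $SRC/jdk-17* $OUT/jdk`. The same pair of lines appears in the spring-cloud-netflix build.sh hunk below.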
diff --git a/projects/spring-cloud-netflix/Dockerfile b/projects/spring-cloud-netflix/Dockerfile
index b80c58d48264..d6406dd35069 100644
--- a/projects/spring-cloud-netflix/Dockerfile
+++ b/projects/spring-cloud-netflix/Dockerfile
@@ -20,6 +20,10 @@ RUN curl -L https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-
 unzip maven.zip -d $SRC/maven && \
 rm -rf maven.zip
 
+RUN curl -L https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.7%2B7/OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz -o jdk.tar.gz && \
+tar xvf jdk.tar.gz && \
+rm -rf jdk.tar.gz
+
 ENV MVN $SRC/maven/apache-maven-3.6.3/bin/mvn
 
 RUN git clone https://github.com/spring-cloud/spring-cloud-netflix.git
diff --git a/projects/spring-cloud-netflix/build.sh b/projects/spring-cloud-netflix/build.sh
index bd3772173428..674d6ff6e6b6 100644
--- a/projects/spring-cloud-netflix/build.sh
+++ b/projects/spring-cloud-netflix/build.sh
@@ -15,8 +15,8 @@
 #
 ################################################################################
 
-apt-get update && apt-get install -y openjdk-17-jdk-headless
-export JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64"
+cp -r $SRC/jdk-17.0.7+7 $OUT/jdk
+export JAVA_HOME="$OUT/jdk"
 
 MVN_FLAGS="-Dmaven.compiler.source=17 -Dmaven.compiler.target=17 -DskipTests"
 ALL_JARS=""
@@ -73,11 +73,9 @@ for fuzzer in $(find ${SRC} -name '*Fuzzer.java'); do
 
 echo "#!/bin/sh
 # LLVMFuzzerTestOneInput Magic String required for infra/base-image/test_all.py. DO NOT REMOVE
-# We need java-17.
-apt-get update && apt-get install -y openjdk-17-jdk-headless
 
 this_dir=\$(dirname \"\$0\")
-JAVA_HOME=\"/usr/lib/jvm/java-17-openjdk-amd64\" \
+JAVA_HOME=\$this_dir/jdk \
 LD_LIBRARY_PATH=\"\$JAVA_HOME/lib/server\":\$this_dir \
 \$this_dir/jazzer_driver --agent_path=\$this_dir/jazzer_agent_deploy.jar \
 --cp=${RUNTIME_CLASSPATH} \
diff --git a/projects/xz/build.sh b/projects/xz/build.sh
index 8480c901f187..57923c8f557b 100755
--- a/projects/xz/build.sh
+++ b/projects/xz/build.sh
@@ -24,7 +24,8 @@
 --disable-xz \
 --disable-xzdec \
 --disable-lzmadec \
- --disable-lzmainfo
+ --disable-lzmainfo \
+ --disable-ifunc
 make clean
 make -j$(nproc) && make -C tests/ossfuzz && \
 cp tests/ossfuzz/config/fuzz.options $OUT/ && \
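Review bot: `--disable-ifunc` is added without a comment, so the next person editing this configure invocation cannot tell whether it is a sanitizer workaround or a functional requirement; presumably it is the former, since ifunc resolvers run during dynamic loading before the sanitizer runtime is initialised, but that should be stated rather than left to be rediscovered. A one-line comment above the flag such as `# ifunc resolvers run before the sanitizer runtime is set up; keep ifunc off in fuzz builds` would do. The `./configure` command this option belongs to starts outside the hunk.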