Libde265
by Strukturag
Source repositories
CVEs (62)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49468 | Hig | 0.57 | 8.8 | 0.01 | Dec 7, 2023 | Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. | ||
| CVE-2023-49467 | Hig | 0.57 | 8.8 | 0.01 | Dec 7, 2023 | Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc. | ||
| CVE-2023-49465 | Hig | 0.57 | 8.8 | 0.01 | Dec 7, 2023 | Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc. | ||
| CVE-2023-27103 | Hig | 0.57 | 8.8 | 0.01 | Mar 15, 2023 | Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc. | ||
| CVE-2020-21598 | Hig | 0.57 | 8.8 | 0.02 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. | ||
| CVE-2022-47665 | Hig | 0.51 | 7.8 | 0.00 | Mar 3, 2023 | Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int) | ||
| CVE-2022-47664 | Hig | 0.51 | 7.8 | 0.00 | Mar 3, 2023 | Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse | ||
| CVE-2023-25221 | Hig | 0.51 | 7.8 | 0.00 | Mar 1, 2023 | Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc. | ||
| CVE-2022-47655 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback | ||
| CVE-2021-36409 | Hig | 0.51 | 7.8 | 0.01 | Jan 10, 2022 | There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact. | ||
| CVE-2024-38950 | Med | 0.42 | 6.5 | 0.00 | Jun 26, 2024 | Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function. | ||
| CVE-2024-38949 | Med | 0.42 | 6.5 | 0.00 | Jun 26, 2024 | Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc | ||
| CVE-2023-27102 | Med | 0.42 | 6.5 | 0.01 | Mar 15, 2023 | Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc. | ||
| CVE-2023-24751 | Med | 0.42 | 6.5 | 0.01 | Mar 1, 2023 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||
| CVE-2022-43253 | Med | 0.42 | 6.5 | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | ||
| CVE-2022-43252 | Med | 0.42 | 6.5 | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | ||
| CVE-2022-43250 | Med | 0.42 | 6.5 | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | ||
| CVE-2022-43249 | Med | 0.42 | 6.5 | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | ||
| CVE-2022-43248 | Med | 0.42 | 6.5 | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | ||
| CVE-2022-43245 | Med | 0.42 | 6.5 | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. |
- risk 0.57cvss 8.8epss 0.01
Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.
- risk 0.57cvss 8.8epss 0.01
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc.
- risk 0.57cvss 8.8epss 0.01
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc.
- risk 0.57cvss 8.8epss 0.01
Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc.
- risk 0.57cvss 8.8epss 0.02
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.
- risk 0.51cvss 7.8epss 0.00
Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int)
- risk 0.51cvss 7.8epss 0.00
Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse
- risk 0.51cvss 7.8epss 0.00
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.
- risk 0.51cvss 7.8epss 0.00
Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback
- risk 0.51cvss 7.8epss 0.01
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.
- risk 0.42cvss 6.5epss 0.00
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
- risk 0.42cvss 6.5epss 0.00
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc.
- risk 0.42cvss 6.5epss 0.01
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- risk 0.42cvss 6.5epss 0.01
Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
Page 1 of 4