VYPR

Vendor CVEs

Nothings

All CVEs

54 total · sorted by risk
  • CVE-2019-19777HigDec 13, 2019
    risk 0.57cvss 8.8epss 0.01

    stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.

  • CVE-2018-16981HigSep 12, 2018
    risk 0.57cvss 8.8epss 0.02

    stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.

  • CVE-2026-5317MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used…

  • CVE-2025-3409MedApr 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product…

  • CVE-2025-3408MedApr 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by…

  • CVE-2025-3407MedApr 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected by this vulnerability is the function stbhw_build_tileset_from_image. The manipulation of the argument h_count/v_count leads to out-of-bounds read. The attack can be launched…

  • CVE-2022-27938MedMar 26, 2022
    risk 0.36cvss 5.5epss 0.01

    stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.

  • CVE-2026-5186MedMar 31, 2026
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbi__load_gif_main of the file stb_image.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made…

  • CVE-2026-5185MedMar 31, 2026
    risk 0.34cvss 5.3epss 0.00

    A security flaw has been discovered in Nothings stb_image up to 2.30. This affects the function stbi__gif_load_next of the file stb_image.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local…

  • CVE-2026-5316MedApr 2, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might…

  • CVE-2026-5315MedApr 2, 2026
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The…

  • CVE-2026-5314MedApr 1, 2026
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The…

  • CVE-2026-5313MedApr 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi__gif_load_next in the library stb_image.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been…

  • CVE-2025-3406MedApr 8, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhw_build_tileset_from_image of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch…

  • CVE-2023-43281Oct 24, 2023
    risk 0.00cvss epss 0.01

    Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.

  • CVE-2023-45682Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds read in `DECODE` macro when `var` is negative. As it can be seen in the definition of `DECODE_RAW` a negative `var` is a valid value. This issue may be used…

  • CVE-2023-45681Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make…

  • CVE-2023-45680Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, the `f->comment_list` is set to `NULL`, but `f->comment_list_length` is not reset.…

  • CVE-2023-45679Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, but some of the pointers in `f->comment_list` are left initialized and later…

  • CVE-2023-45678Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in `start_decoder` because at maximum `m->submaps` can be 16 but `submap_floor` and `submap_residue` are declared as arrays of 15 elements. This issue…

  • CVE-2023-45677Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if `len` read in `start_decoder` is a negative number and `setup_malloc` successfully…

  • CVE-2023-45676Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[i] = get8_packet(f);`. The root cause is an integer overflow in `setup_malloc`. A sufficiently large value in the variable `sz`…

  • CVE-2023-45675Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if the len read in `start_decoder` is `-1` and `len + 1` becomes 0 when passed to…

  • CVE-2023-45667Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitialized. In case the caller also sets the flip vertically flag, it continues and…

  • CVE-2023-45666Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_image is a single file MIT licensed library for processing images. It may look like `stbi__load_gif_main` doesn’t give guarantees about the content of output value `*delays` upon failure. Although it sets `*delays` to zero at the beginning, it doesn’t do it in case the…

  • CVE-2023-45664Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger `stbi__load_gif_main_outofmem` attempt to double-free the out variable. This happens in `stbi__load_gif_main` because when the `layers * stride` value is zero the behavior is…

  • CVE-2023-45663Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its…

  • CVE-2023-45662Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_image is a single file MIT licensed library for processing images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and `req_comp` is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A…

  • CVE-2023-45661Oct 20, 2023
    risk 0.00cvss epss 0.01

    stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in `stbi__gif_load_next`. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to…

  • CVE-2023-43898Oct 3, 2023
    risk 0.00cvss epss 0.00

    Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.

  • CVE-2021-37789Nov 2, 2022
    risk 0.00cvss epss 0.01

    stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.

  • CVE-2022-28048Apr 15, 2022
    risk 0.00cvss epss 0.02

    STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.

  • CVE-2022-28041Apr 15, 2022
    risk 0.00cvss epss 0.02

    stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

  • CVE-2022-28042Apr 15, 2022
    risk 0.00cvss epss 0.02

    stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.

  • CVE-2022-25516Mar 17, 2022
    risk 0.00cvss epss 0.01

    stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.

  • CVE-2022-25514Mar 17, 2022
    risk 0.00cvss epss 0.01

    stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.

  • CVE-2022-25515Mar 17, 2022
    risk 0.00cvss epss 0.01

    stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.

  • CVE-2021-42716Oct 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service…

  • CVE-2021-42715Oct 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted…

  • CVE-2020-6617Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.

  • CVE-2020-6618Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table.

  • CVE-2020-6619Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.

  • CVE-2020-6620Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.

  • CVE-2020-6621Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT.

  • CVE-2020-6622Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.

  • CVE-2020-6623Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.

  • CVE-2019-20056Dec 29, 2019
    risk 0.00cvss epss 0.01

    stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned.

  • CVE-2019-13220Aug 15, 2019
    risk 0.00cvss epss 0.01

    Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.

  • CVE-2019-13218Aug 15, 2019
    risk 0.00cvss epss 0.01

    Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.

  • CVE-2019-13222Aug 15, 2019
    risk 0.00cvss epss 0.01

    An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.

Page 1 of 2