Vendor CVEs
Strukturag
All CVEs
84 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-43252 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43245 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43237 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43248 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43235 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43249 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43243 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43240 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43242 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43244 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43250 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43253 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43239 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-43241 | 0.00 | — | 0.01 | Nov 2, 2022 | Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||
| CVE-2022-1253 | 0.00 | — | 0.02 | Apr 6, 2022 | Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release. | |||
| CVE-2021-36411 | 0.00 | — | 0.01 | Jan 10, 2022 | An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of… | |||
| CVE-2021-36408 | 0.00 | — | 0.01 | Jan 10, 2022 | An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265. | |||
| CVE-2021-36409 | 0.00 | — | 0.01 | Jan 10, 2022 | There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact. | |||
| CVE-2021-35452 | 0.00 | — | 0.01 | Jan 10, 2022 | An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. | |||
| CVE-2021-36410 | 0.00 | — | 0.01 | Jan 10, 2022 | A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265. | |||
| CVE-2020-23109 | 0.00 | — | 0.01 | Nov 3, 2021 | Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file. | |||
| CVE-2020-21597 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file. | |||
| CVE-2020-21601 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file. | |||
| CVE-2020-21603 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file. | |||
| CVE-2020-21596 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file. | |||
| CVE-2020-21606 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file. | |||
| CVE-2020-21602 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file. | |||
| CVE-2020-21604 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file. | |||
| CVE-2020-21600 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file. | |||
| CVE-2020-21595 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file. | |||
| CVE-2020-21599 | 0.00 | — | 0.01 | Sep 16, 2021 | libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file. | |||
| CVE-2020-19499 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read. | |||
| CVE-2020-19498 | 0.00 | — | 0.01 | Jul 21, 2021 | Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts. | |||
| CVE-2019-11471 | 0.00 | — | 0.02 | Apr 23, 2019 | libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images. |
- CVE-2022-43252Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43245Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43237Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43248Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43235Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43249Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43243Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43240Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43242Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43244Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43250Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43253Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43239Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-43241Nov 2, 2022risk 0.00cvss —epss 0.01
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
- CVE-2022-1253Apr 6, 2022risk 0.00cvss —epss 0.02
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.
- CVE-2021-36411Jan 10, 2022risk 0.00cvss —epss 0.01
An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of…
- CVE-2021-36408Jan 10, 2022risk 0.00cvss —epss 0.01
An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265.
- CVE-2021-36409Jan 10, 2022risk 0.00cvss —epss 0.01
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.
- CVE-2021-35452Jan 10, 2022risk 0.00cvss —epss 0.01
An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.
- CVE-2021-36410Jan 10, 2022risk 0.00cvss —epss 0.01
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.
- CVE-2020-23109Nov 3, 2021risk 0.00cvss —epss 0.01
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
- CVE-2020-21597Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
- CVE-2020-21601Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.
- CVE-2020-21603Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
- CVE-2020-21596Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.
- CVE-2020-21606Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.
- CVE-2020-21602Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.
- CVE-2020-21604Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
- CVE-2020-21600Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.
- CVE-2020-21595Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.
- CVE-2020-21599Sep 16, 2021risk 0.00cvss —epss 0.01
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
- CVE-2020-19499Jul 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
- CVE-2020-19498Jul 21, 2021risk 0.00cvss —epss 0.01
Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
- CVE-2019-11471Apr 23, 2019risk 0.00cvss —epss 0.02
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images.
Page 2 of 2