CVE-2026-49346
- EPSS 0.23%
- Veröffentlicht 19.06.2026 20:12:14
- Zuletzt bearbeitet 26.06.2026 19:17:38
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in `de265_image_get_buffer()` (`libde265/image.cc:12...
CVE-2026-49295
- EPSS 0.23%
- Veröffentlicht 19.06.2026 20:09:22
- Zuletzt bearbeitet 26.06.2026 19:17:19
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in `decoder_context::process_reference_picture_set()` (`libde265/decctx.cc:1376`). The root ...
CVE-2026-33164
- EPSS 0.35%
- Veröffentlicht 20.03.2026 20:33:04
- Zuletzt bearbeitet 23.03.2026 20:05:09
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in pic_parameter_set::set_derived_values(). This issue has been patched in version 1.0.17.
- EPSS 0.23%
- Veröffentlicht 20.03.2026 20:32:36
- Zuletzt bearbeitet 23.03.2026 20:09:04
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctb_info.log2unitSize after an SPS change w...
CVE-2025-61147
- EPSS 0.16%
- Veröffentlicht 23.02.2026 00:00:00
- Zuletzt bearbeitet 24.03.2026 12:25:34
strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table().
CVE-2024-38950
- EPSS 0.45%
- Veröffentlicht 26.06.2024 20:15:16
- Zuletzt bearbeitet 06.06.2025 17:15:28
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
CVE-2024-38949
- EPSS 0.44%
- Veröffentlicht 26.06.2024 20:15:16
- Zuletzt bearbeitet 06.06.2025 17:15:02
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
CVE-2023-49468
- EPSS 0.87%
- Veröffentlicht 07.12.2023 20:15:38
- Zuletzt bearbeitet 21.11.2024 08:33:26
Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.
CVE-2023-49467
- EPSS 0.78%
- Veröffentlicht 07.12.2023 20:15:38
- Zuletzt bearbeitet 21.11.2024 08:33:26
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc.
CVE-2023-49465
- EPSS 0.8%
- Veröffentlicht 07.12.2023 20:15:38
- Zuletzt bearbeitet 21.11.2024 08:33:26
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc.