Vulnerabilities
Vulnerable Software
Struktur:  >> Libde265  Security Vulnerabilities
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
CVSS Score
6.5
EPSS Score
0.009
Published
2022-11-02
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.
CVSS Score
7.4
EPSS Score
0.02
Published
2022-04-06
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.
CVSS Score
7.8
EPSS Score
0.009
Published
2022-01-10
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.
CVSS Score
5.5
EPSS Score
0.009
Published
2022-01-10
An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVSS Score
5.5
EPSS Score
0.012
Published
2022-01-10
An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265.
CVSS Score
5.5
EPSS Score
0.008
Published
2022-01-10
An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.
CVSS Score
6.5
EPSS Score
0.013
Published
2022-01-10
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.
CVSS Score
6.5
EPSS Score
0.013
Published
2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
CVSS Score
6.5
EPSS Score
0.01
Published
2021-09-16
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
CVSS Score
6.5
EPSS Score
0.01
Published
2021-09-16


Contact Us

Shodan ® - All rights reserved