Skip to main content

Libbpg

9 CVEs product

Monthly

CVE-2018-12447 HIGH POC This Week

The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
3.8%
CVE-2017-14034 HIGH POC This Week

The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-13136 HIGH POC This Week

The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-13135 HIGH POC This Week

A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libbpg
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-14796 HIGH POC This Week

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2017-14795 HIGH POC This Week

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-14734 HIGH POC This Week

The build_msps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
1.7%
CVE-2016-8710 HIGH POC This Week

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Libbpg
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2016-5637 HIGH This Week

The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Libbpg
NVD
CVSS 3.0
8.8
EPSS
0.6%
EPSS 4% CVSS 8.8
HIGH POC This Week

The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libbpg
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libbpg
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libbpg
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

The build_msps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Libbpg
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE +1
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy