Stb Security Vulnerabilities
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this...
9.8CVSS
6.7AI Score
0.001EPSS
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main...
6.5CVSS
7.2AI Score
0.002EPSS
stb_image is a single file MIT licensed library for processing images. It may look like stbi__load_gif_main doesn’t give guarantees about the content of output value *delays upon failure. Although it sets *delays to zero at the beginning, it doesn’t do it in case the image is not recognized as...
9.8CVSS
9.2AI Score
0.001EPSS
stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger stbi__load_gif_main_outofmem attempt to double-free the out variable. This happens in stbi__load_gif_main because when the layers * stride value is zero the behavior is implementation defined,...
8.8CVSS
9.1AI Score
0.001EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f->vendor[i] = get8_packet(f);. The root cause is an integer overflow in setup_malloc. A sufficiently large value in the variable sz overflows with sz+7 in and the....
7.8CVSS
7.9AI Score
0.001EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f->vendor[len] = (char)'\0';. The root cause is that if len read in start_decoder is a negative number and setup_malloc successfully allocates memory in that case,....
7.8CVSS
7.8AI Score
0.001EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in start_decoder because at maximum m->submaps can be 16 but submap_floor and submap_residue are declared as arrays of 15 elements. This issue may lead to code...
7.8CVSS
7.8AI Score
0.001EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in start_decoder. In that case the function returns early, the f->comment_list is set to NULL, but f->comment_list_length is not reset. Later in vorbis_deinit...
5.5CVSS
5.2AI Score
0.0004EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds read in DECODE macro when var is negative. As it can be seen in the definition of DECODE_RAW a negative var is a valid value. This issue may be used to leak internal memory...
7.1CVSS
6.6AI Score
0.0005EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f->vendor[len] = (char)'\0';. The root cause is that if the len read in start_decoder is -1 and len + 1 becomes 0 when passed to setup_malloc. The setup_malloc...
7.8CVSS
8.7AI Score
0.001EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in start_decoder. In that case the function returns early, but some of the pointers in f->comment_list are left initialized and later setup_free is called on the...
7.8CVSS
7.7AI Score
0.001EPSS
stb_image is a single file MIT licensed library for processing images. If stbi__load_gif_main in stbi_load_gif_from_memory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls...
7.5CVSS
8.3AI Score
0.001EPSS
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in start_decoder. The root cause is a potential integer overflow in sizeof(char*) * (f->comment_list_length) which may make setup_malloc allocat...
7.8CVSS
8.9AI Score
0.001EPSS
stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbi__gif_load_next. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory.....
7.1CVSS
7.8AI Score
0.001EPSS
stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not....
5.5CVSS
7.1AI Score
0.001EPSS
stb_image is a single file MIT licensed library for processing images. When stbi_set_flip_vertically_on_load is set to TRUE and req_comp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can...
8.1CVSS
8.5AI Score
0.001EPSS
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic...
5.5CVSS
6.8AI Score
0.0004EPSS
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of...
8.1CVSS
7.8AI Score
0.002EPSS
stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function...
8.8CVSS
8.6AI Score
0.003EPSS
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified...
6.5CVSS
6.4AI Score
0.004EPSS
STB v2.27 was discovered to contain an integer shift of invalid size in the component...
8.8CVSS
8.6AI Score
0.003EPSS
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted...
6.5CVSS
6.5AI Score
0.001EPSS
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted...
6.5CVSS
6.5AI Score
0.001EPSS
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted...
7.5CVSS
7.6AI Score
0.001EPSS
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR...
5.5CVSS
6AI Score
0.001EPSS
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or.....
7.1CVSS
7.1AI Score
0.002EPSS
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG...
7.8CVSS
7.5AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.002EPSS
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in...
6.5CVSS
6.5AI Score
0.001EPSS
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in...
8.8CVSS
8.7AI Score
0.002EPSS
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis...
7.1CVSS
6.7AI Score
0.001EPSS
An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis...
7.1CVSS
6.7AI Score
0.001EPSS
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis...
5.5CVSS
5.3AI Score
0.001EPSS
A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis...
7.8CVSS
8AI Score
0.002EPSS
A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis...
5.5CVSS
5.3AI Score
0.001EPSS
Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis...
5.5CVSS
5.3AI Score
0.001EPSS
A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis...
7.8CVSS
8AI Score
0.003EPSS
stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of...
9.1CVSS
9AI Score
0.009EPSS
stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code...
8.8CVSS
8.8AI Score
0.002EPSS
Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view...
7.5CVSS
7.6AI Score
0.002EPSS
Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg...
8.8CVSS
8.7AI Score
0.003EPSS
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3)...
6.6AI Score
0.056EPSS