PT-2026-48158

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A segmentation violation occurs in the gf hevc read sps bs internal function within the media tools/av parsers.c file. This issue allows attackers to cause a Denial of Service DoS by providing specially...

ALPINE-CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

EUVD-2026-12121

GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

Structure AG Libde265 安全漏洞

Structure AG Libde265 is a h.265 video codec developed by the German company Structure AG. There is a security vulnerability in Structure AG Libde265, which stems from a segmentation violation in the decoder context::computeframedroptable component...

H.265/HEVC Video Steganalysis Based on CU Block Structure Gradients and IPM Mapping

Existing H.265/HEVC video steganalysis research mainly focuses on statistical feature modeling at the levels of motion vectors MV, intra prediction modes IPM, or transform coefficients. In contrast, studies targeting the coding-structure level - especially the analysis of block-level steganograph...

MGASA-2025-0264 Updated gstreamer1.0-plugins-bad packages fix security vulnerability

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. CVE-2025-3887...

gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...

GStreamer 安全漏洞

GStreamer is a GStreamer open source set of frameworks for processing streaming media. A security vulnerability exists in GStreamer that stems from not properly validating the data length when parsing H265 slice headers, which could lead to remote code execution...

UBUNTU-CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

The vulnerability of the read_coding_unit function (slice.cc) in the h.265 Libde265 video codec implementation, which allows a perpetrator to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the readcodingunit function slice.cc in the h.265 Libde265 video codec implementation is related to the output of operations that occur outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to influence the confidentiality, integrity, and...

The vulnerability of the put_weighted_pred_avg_16_fallback() function (fallback-motion.cc) in the implementation of the h.265 Libde265 video codec allows a perpetrator to trigger a service failure.

The vulnerability of the putweightedpredavg16fallback function in the fallback-motion.cc implementation of the h.265 Libde265 codec is related to the occurrence of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to trigger a service...

The vulnerability of the Gstreamer multimedia framework, related to buffer overflow in the stack, allows an attacker to execute arbitrary code.

The vulnerability of the Gstreamer multimedia framework is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted H265 encoding files...

DEBIAN-CVE-2022-43238

Libde265 v1.0.8 was discovered to contain an unknown crash via ffhevcputhevcqpelh3v3sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-29119

HEVC Video Extensions Remote Code Execution Vulnerability...

CVE-2022-29111

HEVC Video Extensions Remote Code Execution Vulnerability...

GPAC 缓冲区错误漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC 2.0.0, which stems from the fact that gprtpbuilderdohevc in ietf/rtppckmpeg4.c has a heap-based buffer over-read, as shown in MP4Box...

The vulnerability of the HEVC Video Extension codec, related to improper code generation, allows a perpetrator to execute arbitrary code.

The vulnerability of the HEVC Video Extension codec is related to improper code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2022-23301

HEVC Video Extensions Remote Code Execution Vulnerability...

CVE-2022-24452

HEVC Video Extensions Remote Code Execution Vulnerability...

CVE-2022-24456

HEVC Video Extensions Remote Code Execution Vulnerability...