OSV-2026-815 Heap-buffer-overflow in ihevcd_sao_shift_ctb

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422427 Crash type: Heap-buffer-overflow READ 1 Crash state: ihevcdsaoshiftctb ihevcdprocess ihevcdparseslicedata...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: A devm-managed release action was added to safely tear down the CT. When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while...

JLSEC-2026-159

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

UBUNTU-CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

EUVD-2026-13812

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

CVE-2026-33165 heap out-of-bounds write in libde265 1.0.16

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

CVE-2025-68193

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

UBUNTU-CVE-2025-68193

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

CVE-2024-10669

The Countdown Timer block – Display the events date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the ctb shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

CVE-2020-27665

In Strapi before 3.2.5, there is no admin::hasPermissions restriction for CTB aka content-type-builder routes...

ctbdigital.com.br Cross Site Scripting vulnerability OBB-1318437

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

The vulnerability of the ihevcd_sao_shift_ctb function in the Android operating system allows a hacker to disclose protected information.

The vulnerability of the ihevcdsaoshiftctb function ihevcdsao.c in the Android operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...

Google Android out-of-bounds write vulnerability (CNVD-2019-01565)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An out-of-bounds write vulnerability exists in ihevcdsao.c of ihevcdsaoshiftctb in Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. The vulnerability stems from a lack ...

CVE-2018-9552

In ihevcdsaoshiftctb of ihevcdsao.c there is a possible out of bounds write due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

CVE-2018-13077

The mintToken function of a smart contract implementation for CTB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

Integer overflow

The mintToken function of a smart contract implementation for CTB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...