30 matches found
JLSEC-2026-159
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
CVE-2026-33165
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the setSliceHeaderIndex process. An attacker can cause a write operation to occur past the end of a heap allocation by submitting a specially crafted HEVC bitstream that manipulates the log2unitSize value aft...
CVE-2026-33165
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
CVE-2026-33165
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
CVE-2026-33165
libde265 prior to v1.0.17 is affected by a heap out-of-bounds write triggered by a crafted HEVC bitstream. The root cause is a stale ctb_info.log2unitSize after an SPS change, where PicWidthInCtbsY and PicHeightInCtbsY remain constant while Log2CtbSizeY changes, causing set_SliceHeaderIndex to in...
CVE-2026-33165 heap out-of-bounds write in libde265 1.0.16
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
EUVD-2026-13812
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
CVE-2026-33165
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...
PT-2026-26678
Name of the Vulnerable Software and Affected Versions libde265 versions prior to 1.0.17 Description libde265 is an open source implementation of the h.265 video codec. A crafted HEVC bitstream can cause an out-of-bounds heap write. This occurs due to a stale ctb info.log2unitSize after an SPS...
MedDream PACS Premium downloadZip reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2254 MedDream PACS Premium downloadZip reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53516 SUMMARY A reflected cross-site scripting xss vulnerability exists in the downloadZip functionality of MedDream PACS Premium...
JLSEC-2025-123 libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale h...
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
Linux Distros Unpatched Vulnerability : CVE-2022-48434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to...
CVE-2023-44276
OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard...
CVE-2025-27091
OpenH264 decoding vulnerability (CVE-2025-27091) affects OpenH264 2.5.0 and earlier in both SVC and AVC modes. A race condition between SPS memory allocation and subsequent non-IDR NAL memory usage can enable a remote, unauthenticated attacker to trigger a heap overflow by delivering a crafted bi...
AOL AIM Triton Security Breach
AOL AIM Triton is an instant messaging software from AOL. A security vulnerability exists in AOL AIM Triton version 1.0.4, which stems from a denial of service due to the parameter CSeq of the component Invite Handler...
CVE-2023-44276
OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard...
PT-2023-6860 · Opnsense · Opnsense
Name of the Vulnerable Software and Affected Versions: OPNsense versions prior to 23.7.5 Description: The issue is related to the lack of protection of the web page structure in the OPNsense operating system. This can be exploited by a remote attacker to conduct cross-site scripting attacks using...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
GPAC MP4Box 安全漏洞
GPAC MP4Box is multimedia packager. It is mainly used to work with ISOBMF files e.g. MP4, 3GP, but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS, etc. A security vulnerability exists in GPAC MP4Box version 2.1-DEV-rev593-g007bf61a0, which stems from...