Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

271 matches found

CVE
CVEadded 6 days ago19 views

CVE-2026-49346

CVE-2026-49346 affects libde265 up to version 1.0.x; a crafted H.265 bitstream with large SPS dimensions and 16-bit depth triggers a signed integer overflow in de265_image_get_buffer(), causing an undersized allocation (~1 KB) but later writing ~4 GB due to size_t math in fill_image. This is fixe...

7.1CVSS5.9AI score0.00184EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 6 days ago5 views

CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS5.9AI score0.00184EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 6 days ago5 views

CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS5.9AI score0.00184EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/06/10 2:59 a.m.7 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS5.5AI score0.00467EPSS
Exploits1References1
NVD
NVDadded 2026/06/09 7:17 p.m.9 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS0.00467EPSS
Exploits1References2
OSV
OSVadded 2026/06/09 7:17 p.m.8 views

DEBIAN-CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS5.5AI score0.00467EPSS
Exploits1References1
OSV
OSVadded 2026/06/09 7:17 p.m.5 views

UBUNTU-CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS5.3AI score0.00467EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/06/09 12:0 a.m.7 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

5.5AI score0.00467EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/06/09 12:0 a.m.35 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

0.00467EPSS
Exploits1References1
CVE
CVEadded 2026/06/09 12:0 a.m.19 views

CVE-2025-52293

GPAC MP4Box v2.4 contains a DoS vulnerability in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) when processing crafted HEVC SPS data. This results in a segmentation fault and possible denial of service under network conditions with no user interaction. The CVSS vector indic...

7.5CVSS5.5AI score0.00467EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVEadded 2026/06/09 12:0 a.m.8 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS5.5AI score0.00467EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2026/06/01 10:5 p.m.10 views

CVE-2025-59604 NULL Pointer Dereference in SPS Applications

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/01 10:5 p.m.33 views

CVE-2025-59604 NULL Pointer Dereference in SPS Applications

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer...

7.8CVSS0.00075EPSS
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.4 views

Astra Linux – Vulnerability in libde265

There is an assertion scalinglistpredmatrixiddelta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding the file. This can allow attackers to cause a Denial of Service DoS by running the application with a crafted file, or potentially causing unspecified other impacts...

7.8CVSS7.2AI score0.00897EPSS
Exploits1References2
OSV
OSVadded 2026/03/20 9:17 p.m.4 views

DEBIAN-CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

5CVSS5.2AI score0.00232EPSS
Exploits1References1
OSV
OSVadded 2026/03/20 9:17 p.m.7 views

ALPINE-CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

5CVSS5.4AI score0.00232EPSS
Exploits1References1
NVD
NVDadded 2026/03/20 9:17 p.m.4 views

CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

5.5CVSS0.00232EPSS
Exploits1References3
OSV
OSVadded 2026/03/20 9:17 p.m.3 views

UBUNTU-CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

5.5CVSS5.7AI score0.00232EPSS
Exploits1References3
OSV
OSVadded 2026/03/20 8:32 p.m.2 views

CVE-2026-33165 heap out-of-bounds write in libde265 1.0.16

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

5.5CVSS5.8AI score0.00232EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/03/20 8:32 p.m.7 views

CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctbinfo.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay...

5.5CVSS5.7AI score0.00232EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder