Lucene search
+L

570 matches found

Snyk
Snyk
added 2026/04/01 9:30 p.m.7 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the stbigifloadnext function. An attacker can cause the application to become unavailable by enticing a user to open a specially crafted GIF image. This is only exploitable if a user interacts...

5.3CVSS5.9AI score0.00286EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.12 views

PT-2026-29639

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.26 Description A flaw exists in Nothings stb, specifically within the TTF File Handler component, impacting the stbtt InitFont internal function in the stb truetype.h library. A manipulation of the function can le...

8.8CVSS5.6AI score0.00664EPSS
Exploits1References12
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.11 views

stb 缓冲区错误漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 1.26 contained a buffer error vulnerability. This vulnerability stemmed from an out-of-bounds read in the stbtruetype.h library within the TTF File Handler component, which could lead to remote attac...

8.8CVSS6AI score0.00664EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

Nothing OS 安全漏洞

Nothing OS is an operating system developed by Nothing Corporation. Versions of Nothing OS prior to 2.30 contained a security vulnerability. This vulnerability stemmed from a flaw in the stbimage.h library’s GIF decoding component, specifically the function stbigifloadnext, which could lead to...

5.3CVSS5.8AI score0.00286EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29638

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi gif load next in the library stb image.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public an...

5.3CVSS5.4AI score0.00286EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/31 12:37 p.m.5 views

CVE-2026-5185

A flaw was found in Nothings stbimage. A local attacker could exploit a heap-based buffer overflow vulnerability within the stbigifloadnext function of the Multi-frame GIF File Handler component. By manipulating a GIF file, this flaw could lead to information disclosure or denial of service DoS...

5.3CVSS6.2AI score0.00154EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/31 12:28 p.m.6 views

CVE-2026-5186

A flaw was found in Nothings stb, affecting its Multi-frame GIF File Handler. A local attacker can exploit a double free vulnerability by manipulating a specific function within the stbimage.h file. This can lead to memory corruption, which may result in a denial of service, making the system...

5.3CVSS6AI score0.00113EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 10:50 a.m.7 views

Double Free

Overview Affected versions of this package are vulnerable to Double Free via the stbiloadgifmain function. An attacker can cause memory corruption or execute arbitrary code by providing a specially crafted multi-frame GIF file that triggers a double free condition. Remediation There is no fixed...

5.3CVSS6.3AI score0.00113EPSS
Exploits0References2
NVD
NVD
added 2026/03/31 8:15 a.m.6 views

CVE-2026-5186

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS0.00113EPSS
Exploits0References3
OSV
OSV
added 2026/03/31 8:15 a.m.7 views

UBUNTU-CVE-2026-5186

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS5.6AI score0.00113EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 7:30 a.m.3 views

CVE-2026-5186

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS5.7AI score0.00113EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/31 7:30 a.m.35 views

CVE-2026-5186 Nothings stb Multi-frame GIF File stb_image.h stbi__load_gif_main double free

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS0.00113EPSS
Exploits0References3
CVE
CVE
added 2026/03/31 7:30 a.m.31 views

CVE-2026-5186

The CVE concerns Nothings stb up to 2.30, specifically the Multi-frame GIF File Handler’s stb_image.h function stbi__load_gif_main. A manipulation leads to a double-free, with exploitation requiring local access. Public exploit has been made available. Vendor was contacted early but did not respo...

5.3CVSS5.7AI score0.00113EPSS
Exploits0References3
NVD
NVD
added 2026/03/31 7:16 a.m.8 views

CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3CVSS0.00154EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/31 7:16 a.m.5 views

CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3CVSS6AI score0.00154EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/31 6:45 a.m.33 views

CVE-2026-5185 Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-based overflow

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3CVSS0.00154EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.10 views

stb 安全漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 2.30 contained security vulnerabilities, which stemmed from incorrect operations on the stbigifloadnext function in the stbimage.h file, potentially leading to heap buffer overflows...

5.3CVSS6.2AI score0.00154EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.10 views

stb 资源管理错误漏洞

STB is a public domain library for C/C++ developed by Sean Barrett. Versions of STB prior to 2.30 contained a resource management vulnerability, which stemmed from incorrect operations on the stbiloadgifmain function in the stbimage.h file. This vulnerability could lead to double deallocation of...

5.3CVSS6AI score0.00113EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:7 a.m.9 views

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

6.5CVSS6.8AI score0.00935EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.6 views

CVE-2023-45675

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if the len read in startdecoder is -1 and len + 1 becomes 0 when passed to setupmalloc. The setupmalloc behaves...

7.8CVSS7.3AI score0.00759EPSS
Exploits0References1
Rows per page
Query Builder