Lucene search
+L
Libbpg ProjectLibbpg

7 matches found

cve
cve
added 2017/01/26 9:0 p.m.59 views

CVE-2016-8710

CVE-2016-8710 is a heap-write-out-of-bounds vulnerability in Libbpg’s BPG image decoding. The issue arises in the HEVC decoding path (restore_tqb_pixels) due to an integer underflow that allows out-of-bounds writes to heap memory, potentially enabling remote code execution when processing a craft...

7.8CVSS7.8AI score0.03388EPSS
cve
cve
added 2017/11/16 4:0 a.m.59 views

CVE-2017-14034

The CVE-2017-14034 vulnerability affects libavcodec (used in Libbpg 0.9.7 and related products), specifically the restore_tqb_pixels function in hevc_filter.c. It miscalculates a memcpy destination address, enabling a heap-based buffer over-read that can crash the application (denial of service) ...

8.8CVSS9AI score0.01522EPSS
cve
cve
added 2017/11/16 4:0 a.m.52 views

CVE-2017-13136

The CVE-2017-13136 issue affects the libbpg 0.9.7 image encoder (bpgenc.c) where an integer overflow in image_alloc allows an invalid malloc and NULL pointer dereference. Public records (NVD/CNVD/CVE records) describe a potential denial of service via memory corruption/backreference and related h...

8.8CVSS8.6AI score0.01296EPSS
cve
cve
added 2017/09/27 5:0 p.m.52 views

CVE-2017-14795

The CVE-2017-14795 issue affects Libbpg 0.9.7, specifically the hevc_write_frame function in libbpg.c, with a vulnerability in decoding BPG images that can cause an out-of-bounds access. Connected sources describe a heap/write out-of-bounds condition in decoding and indicate potential denial of s...

8.8CVSS8.8AI score0.01343EPSS
cve
cve
added 2017/09/25 9:0 p.m.51 views

CVE-2017-14734

The CVE-2017-14734 entry affects the Libbpg library (libbpg.c, build_msps) in version 0.9.7. A crafted BPG image can trigger a heap-based buffer overflow during decoding, as mentioned in relation to hevc_decode_init1, leading to denial of service or potentially other impact. Several sources (NVD,...

8.8CVSS9.1AI score0.01576EPSS
cve
cve
added 2017/11/16 4:0 a.m.50 views

CVE-2017-13135

CVE-2017-13135 : A NULL pointer dereference in VideoLAN x265 (used in libbpg 0.9.7 and other products) arises because CUData::initialize in common/cudata.cpp mishandles memory-allocation failure. The issue can cause a crash, treated as a denial of service in related advisories. Multiple sources (...

7.8CVSS7.5AI score0.01161EPSS
cve
cve
added 2017/09/27 5:0 p.m.49 views

CVE-2017-14796

The CVE-2017-14796 vulnerability affects libbpg 0.9.7, specifically the hevc_write_frame path in libbpg.c. The issue is a denial of service via an integer underflow when processing crafted BPG images, with related interaction in copy_CTB_to_hv (hevc_filter.c) and sao_filter_CTB (hevc_filter.c) in...

8.8CVSS8.8AI score0.01522EPSS