Vulnerabilities > Libbpg Project

DATE CVE VULNERABILITY TITLE RISK
2018-08-22 CVE-2017-2575 NULL Pointer Dereference vulnerability in Libbpg Project Libbpg 0.9.7
A vulnerability was found while fuzzing libbpg 0.9.7.
4.3
2018-06-15 CVE-2018-12447 Integer Overflow or Wraparound vulnerability in Libbpg Project Libbpg 0.9.8
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution.
6.8
2017-11-16 CVE-2017-14034 Out-of-bounds Read vulnerability in Libbpg Project Libbpg 0.9.7
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact.
6.8
2017-11-16 CVE-2017-13136 Integer Overflow or Wraparound vulnerability in Libbpg Project Libbpg 0.9.7
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference.
6.8
2017-11-16 CVE-2017-13135 NULL Pointer Dereference vulnerability in Libbpg Project Libbpg 0.9.7
A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.
6.8
2017-09-28 CVE-2017-14796 Integer Underflow (Wrap or Wraparound) vulnerability in Libbpg Project Libbpg 0.9.7
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in hevc_filter.c in libavcodec in FFmpeg and sao_filter_CTB in hevc_filter.c in libavcodec in FFmpeg.
6.8
2017-09-28 CVE-2017-14795 Out-of-bounds Read vulnerability in Libbpg Project Libbpg 0.9.7
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in hevc.c in libavcodec in FFmpeg and put_pcm_var in hevcdsp_template.c in libavcodec in FFmpeg.
6.8
2017-09-25 CVE-2017-14734 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libbpg Project Libbpg 0.9.7
The build_msps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to hevc_decode_init1.
6.8
2017-01-26 CVE-2016-8710 Out-of-bounds Write vulnerability in Libbpg Project Libbpg 0.9.4/0.9.7
An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library.
local, low complexity, libbpg-project, CWE-787
7.8
2016-07-15 CVE-2016-5637 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libbpg Project Libbpg 0.9.5/0.9.6/0.9.7
The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a "type confusion" issue.
6.8