Vulnerabilities > Nothings

DATE CVE VULNERABILITY TITLE RISK
2022-04-15 CVE-2022-28041 Integer Overflow or Wraparound vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc.
4.3
2022-04-15 CVE-2022-28042 Use After Free vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.
6.8
2022-03-17 CVE-2022-25514 Out-of-bounds Write vulnerability in Nothings STB Truetype.H 1.26
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h.
network
low complexity
nothings CWE-787
5.0
2022-03-17 CVE-2022-25515 Out-of-bounds Write vulnerability in Nothings STB Truetype.H 1.26
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h.
network
low complexity
nothings CWE-787
5.0
2022-03-17 CVE-2022-25516 Out-of-bounds Write vulnerability in Nothings STB Truetype.H 1.26
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h.
network
low complexity
nothings CWE-787
5.0
2021-10-21 CVE-2021-42715 Infinite Loop vulnerability in multiple products
An issue was discovered in stb stb_image.h 1.33 through 2.27.
4.3
2021-10-21 CVE-2021-42716 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in stb stb_image.h 2.27.
5.8
2020-01-08 CVE-2020-6623 Reachable Assertion vulnerability in Nothings STB Truetype.H 1.22
stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.
network
nothings CWE-617
6.8
2020-01-08 CVE-2020-6622 Out-of-bounds Read vulnerability in Nothings STB Truetype.H 1.22
stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.
network
nothings CWE-125
6.8
2020-01-08 CVE-2020-6621 Out-of-bounds Read vulnerability in Nothings STB Truetype.H 1.22
stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT.
network
nothings CWE-125
6.8