Shodan
Vulnerabilities
Vulnerable Software
Struktur:  >> Libde265  Security Vulnerabilities
CVE-2026-33164
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in pic_parameter_set::set_derived_values(). This issue has been patched in version 1.0.17.
CVSS Score
8.7
EPSS Score
0.001
Published
2026-03-20
CVE-2026-33165
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctb_info.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay constant but Log2CtbSizeY changes, causing set_SliceHeaderIndex to index past the allocated image metadata array and write 2 bytes past the end of a heap allocation. This issue has been patched in version 1.0.17.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-03-20
CVE-2025-61147
strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table().
CVSS Score
6.2
EPSS Score
0.0
Published
2026-02-23
CVE-2024-38949
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
CVSS Score
6.5
EPSS Score
0.001
Published
2024-06-26
CVE-2024-38950
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-26
CVE-2023-49465
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-49467
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-07
CVE-2023-49468
Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-07
CVE-2023-43887
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.
CVSS Score
8.1
EPSS Score
0.002
Published
2023-11-22
CVE-2023-47471
Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved