Every CVE whose affected-product data names Libbpg Project Libbpg, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2018-12447 — CVSS 8.8 (high): The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that…
CVE-2017-14795 — CVSS 8.8 (high): The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and…
CVE-2017-14796 — CVSS 8.8 (high): The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and…
CVE-2016-5637 — CVSS 8.8 (high): The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote…
CVE-2017-13136 — CVSS 8.8 (high): The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference.
CVE-2017-14034 — CVSS 8.8 (high): The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy…
CVE-2017-14734 — CVSS 8.8 (high): The build_msps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (heap-based buffer overflow and…
CVE-2016-8710 — CVSS 7.8 (high): An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded…
CVE-2017-13135 — CVSS 7.8 (high): A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in…
CVE-2017-2575 — CVSS 6.5 (medium): A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of…