Every CVE whose affected-product data names Nothings Stb Vorbis.c, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2023-47212 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can…
CVE-2023-45676 — CVSS 7.3 (high): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in…
CVE-2023-45681 — CVSS 7.3 (high): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated…
CVE-2023-45677 — CVSS 7.3 (high): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in…
CVE-2023-45679 — CVSS 7.3 (high): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in…
CVE-2023-45678 — CVSS 6.5 (medium): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in…
CVE-2023-45675 — CVSS 6.5 (medium): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in…
CVE-2026-5317 — CVSS 6.3 (medium): A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The…
CVE-2023-45682 — CVSS 5.3 (medium): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds read in `DECODE`…
CVE-2023-45680 — CVSS 5.3 (medium): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in…
CVE-2026-5316 — CVSS 4.3 (medium): A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The…