Every CVE whose affected-product data names Struktur Libde265, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (60)
CVE-2022-1253 — CVSS 9.8 (critical): Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit…
CVE-2023-49468 — CVSS 8.8 (high): Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.
CVE-2023-27103 — CVSS 8.8 (high): Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc.
CVE-2023-49465 — CVSS 8.8 (high): Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at…
CVE-2023-49467 — CVSS 8.8 (high): Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates…
CVE-2020-21598 — CVSS 8.8 (high): libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a…
CVE-2023-43887 — CVSS 8.1 (high): Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function…
CVE-2023-25221 — CVSS 7.8 (high): Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in…
CVE-2021-36409 — CVSS 7.8 (high): There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows…
CVE-2022-47655 — CVSS 7.8 (high): Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short>
CVE-2022-47665 — CVSS 7.8 (high): Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int)
CVE-2026-33164 — CVSS 7.5 (high): libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a…
CVE-2026-49295 — CVSS 7.1 (high): libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an…
CVE-2026-49346 — CVSS 7.1 (high): libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS…
CVE-2022-43237 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in…
CVE-2022-43238 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability…
CVE-2022-43239 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma<unsigned short> in motion.cc. This…
CVE-2022-43240 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This…
CVE-2022-43241 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows…
CVE-2022-43242 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma<unsigned char> in motion.cc. This vulnerability…
CVE-2022-43243 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc…
CVE-2022-43244 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc…
CVE-2022-43245 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability…
CVE-2020-21594 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.
CVE-2022-43249 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in…
CVE-2022-43250 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This…
CVE-2022-43252 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This…
CVE-2022-43253 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc…
CVE-2023-24751 — CVSS 6.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows…
CVE-2022-43248 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc…
CVE-2020-21595 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.
CVE-2020-21596 — CVSS 6.5 (medium): libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.
CVE-2020-21597 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
CVE-2020-21599 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
CVE-2020-21600 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a…
CVE-2020-21601 — CVSS 6.5 (medium): libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.
CVE-2020-21602 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a…
CVE-2020-21603 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
CVE-2020-21604 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
CVE-2020-21605 — CVSS 6.5 (medium): libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file.
CVE-2020-21606 — CVSS 6.5 (medium): libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.
CVE-2022-43235 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc…
CVE-2022-43236 — CVSS 6.5 (medium): Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in…
CVE-2023-27102 — CVSS 6.5 (medium): Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at…
CVE-2023-47471 — CVSS 6.5 (medium): Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the…
CVE-2024-38949 — CVSS 6.5 (medium): Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420…
CVE-2024-38950 — CVSS 6.5 (medium): Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to…
CVE-2025-61147 — CVSS 6.2 (medium): strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table(…
CVE-2023-24755 — CVSS 5.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc…
CVE-2023-24754 — CVSS 5.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc…
CVE-2023-24752 — CVSS 5.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc…
CVE-2021-36410 — CVSS 5.5 (medium): A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.
CVE-2021-36408 — CVSS 5.5 (medium): An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265.
CVE-2023-24758 — CVSS 5.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc…
CVE-2021-36411 — CVSS 5.5 (medium): An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function…
CVE-2023-24757 — CVSS 5.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at…
CVE-2026-33165 — CVSS 5.5 (medium): libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an…
CVE-2023-24756 — CVSS 5.5 (medium): libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc…