CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24756
https://notcve.org/view.php?id=CVE-2023-24756
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. • https://github.com/strukturag/libde265/issues/380 https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25221
https://notcve.org/view.php?id=CVE-2023-25221
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc. • https://github.com/strukturag/libde265/issues/388 https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24751
https://notcve.org/view.php?id=CVE-2023-24751
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. • https://github.com/strukturag/libde265/issues/379 https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24754
https://notcve.org/view.php?id=CVE-2023-24754
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. • https://github.com/strukturag/libde265/issues/382 https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24755
https://notcve.org/view.php?id=CVE-2023-24755
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. • https://github.com/strukturag/libde265/issues/384 https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html • CWE-476: NULL Pointer Dereference •