CVEdetails.com the ultimate security vulnerability data source

Nothings : Security Vulnerabilities

| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2022-28042 | 416 | | | 2022-04-15 | 2022-05-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb_image.h v2.27 was discovered to contain a heap-based use-after-free via the function stbi__jpeg_huff_decode. |
| 2 | CVE-2022-28041 | 190 | | DoS Overflow | 2022-04-15 | 2022-05-10 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. |
| 3 | CVE-2022-25516 | 787 | | Overflow | 2022-03-17 | 2022-03-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. |
| 4 | CVE-2022-25515 | 787 | | Overflow | 2022-03-17 | 2022-03-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. |
| 5 | CVE-2022-25514 | 787 | | Overflow | 2022-03-17 | 2022-03-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. |
| 6 | CVE-2021-42716 | 120 | | Overflow | 2021-10-21 | 2022-05-13 | 5.8 | None | Remote | Medium | Not required | Partial | None | Partial | An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. |
| 7 | CVE-2021-42715 | 835 | | DoS | 2021-10-21 | 2022-05-13 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files. |
| 8 | CVE-2020-6623 | 617 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index. |
| 9 | CVE-2020-6622 | 125 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8. |
| 10 | CVE-2020-6621 | 125 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT. |
| 11 | CVE-2020-6620 | 125 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8. |
| 12 | CVE-2020-6619 | 617 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek. |
| 13 | CVE-2020-6618 | 125 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table. |
| 14 | CVE-2020-6617 | 617 | | | 2020-01-08 | 2020-01-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int. |
| 15 | CVE-2019-20056 | 617 | | | 2019-12-29 | 2020-01-08 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned. |
| 16 | CVE-2019-19777 | 125 | | | 2019-12-13 | 2019-12-18 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. |
| 17 | CVE-2018-16981 | 787 | | Overflow | 2018-09-12 | 2020-08-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. |
Total number of vulnerabilities: 17