Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Nothings — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting Nothings. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Nothings is a software component primarily utilized in embedded systems and IoT devices, often serving as a lightweight graphics engine or UI framework for resource-constrained environments. With twenty-five recorded Common Vulnerabilities and Exposures (CVEs), the software has historically been susceptible to critical security flaws, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These issues frequently stem from improper input validation and memory management errors within the core rendering libraries. While no single catastrophic public incident has defined its security history, the accumulation of CVEs indicates systemic weaknesses in its development lifecycle. Attackers have exploited these flaws to gain unauthorized access to underlying operating systems, compromising device integrity. The profile suggests that while nothings offers functional utility for display interfaces, its security posture remains fragile, requiring rigorous patching and secure coding practices to mitigate the risk of exploitation in deployed networks.

Top products by Nothings: stb stb_image
CVE IDTitleCVSSSeverityPublished
CVE-2026-5317 Nothings stb stb_vorbis.c start_decoder out-of-bounds write — stbCWE-787 6.3 Medium2026-04-02
CVE-2026-5316 Nothings stb stb_vorbis.c setup_free allocation of resources — stbCWE-770 4.3 Medium2026-04-02
CVE-2026-5315 Nothings stb TTF File stb_truetype.h stbtt__buf_get8 out-of-bounds — stbCWE-125 4.3 Medium2026-04-01
CVE-2026-5314 Nothings stb TTF File stb_truetype.h stbtt_InitFont_internal out-of-bounds — stbCWE-125 4.3 Medium2026-04-01
CVE-2026-5313 Nothings stb GIF Decoder stb_image.h stbi__gif_load_next denial of service — stbCWE-404 4.3 Medium2026-04-01
CVE-2026-5186 Nothings stb Multi-frame GIF File stb_image.h stbi__load_gif_main double free — stbCWE-415 5.3 Medium2026-03-31
CVE-2026-5185 Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-based overflow — stb_imageCWE-122 5.3 Medium2026-03-31
CVE-2025-3409 Nothings stb stb_include_string stack-based overflow — stbCWE-121 6.3 Medium2025-04-08
CVE-2025-3408 Nothings stb stb_dupreplace integer overflow — stbCWE-190 6.3 Medium2025-04-08
CVE-2025-3407 Nothings stb stbhw_build_tileset_from_image out-of-bounds — stbCWE-125 6.3 Medium2025-04-08
CVE-2025-3406 Nothings stb Header Array stbhw_build_tileset_from_image out-of-bounds — stbCWE-125 4.3 Medium2025-04-08
CVE-2023-45682 Wild address read in vorbis_decode_packet_rest in stb_vorbis — stbCWE-125 5.3 Medium2023-10-20
CVE-2023-45681 Out of bounds heap buffer write in stb_vorbis — stbCWE-787 7.3 High2023-10-20
CVE-2023-45680 Null pointer dereference in vorbis_deinit in stb_vorbis — stbCWE-476 5.3 Medium2023-10-20
CVE-2023-45679 Attempt to free an uninitialized memory pointer in vorbis_deinit in stb_vorbis — stbCWE-415 7.3 High2023-10-20
CVE-2023-45678 Off-by-one heap buffer write in start_decoder in stb_vorbis — stbCWE-787 6.5 Medium2023-10-20
CVE-2023-45677 Heap buffer out of bounds write in start_decoder in stb_vorbis — stbCWE-787 7.3 High2023-10-20
CVE-2023-45676 Multi-byte write heap buffer overflow in start_decoder in stb_vorbis — stbCWE-787 7.3 High2023-10-20
CVE-2023-45675 0 byte write heap buffer overflow in start_decoder in stb_vorbis — stbCWE-787 6.5 Medium2023-10-20
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image — stbCWE-476 5.3 Medium2023-10-20
CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image — stbCWE-415 7.3 High2023-10-20
CVE-2023-45664 Double-free in stbi__load_gif_main_outofmem in stb_image — stbCWE-415 7.3 High2023-10-20
CVE-2023-45663 Disclosure of uninitialized memory in stbi__tga_load in stb_image — stbCWE-908 5.3 Medium2023-10-20
CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image — stbCWE-125 6.5 Medium2023-10-20
CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image — stbCWE-125 6.5 Medium2023-10-20

This page lists every published CVE security advisory associated with Nothings. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.