Lucene search
+L

216 matches found

Cvelist
Cvelist
added 2019/07/03 6:43 p.m.26 views

CVE-2019-5052

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS8.8AI score0.04515EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2019/07/03 6:43 p.m.47 views

CVE-2019-5052

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS9AI score0.04515EPSS
Exploits1
CVE
CVE
added 2019/07/03 6:43 p.m.341 views

CVE-2019-5052

CVE-2019-5052 affects SDL2_image 2.0.4, where loading a PCX file can trigger an exploitable integer overflow, causing too little memory to be allocated and leading to a buffer overflow with potential code execution. The vulnerability is referenced in multiple advisories (e.g., Mageia MGASA-2019-0...

8.8CVSS8.7AI score0.04515EPSS
Exploits1References8Affected Software1
Talos Blog
Talos Blog
added 2019/07/02 10:9 a.m.82 views

Vulnerability Spotlight: Remote code execution vulnerabilities in Simple DirectMedia Layer

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Simple DirectMedia Layer contains two vulnerabilities that could an attacker to remotely execute code on the victim’s machine. Both bugs are present in the SDL2image library, which is used for loading images in different...

6.8CVSS1.5AI score0.04515EPSS
Exploits2
Talos
Talos
added 2019/07/02 12:0 a.m.89 views

Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW code execution vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...

8.8CVSS8.8AI score0.04043EPSS
Exploits1
Talos
Talos
added 2019/07/02 12:0 a.m.80 views

Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW signed comparison code execution vulnerability

Summary An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provid...

8.8CVSS8.9AI score0.04515EPSS
Exploits1
FreeBSD
FreeBSD
added 2019/07/02 12:0 a.m.32 views

SDL2_image -- multiple vulnerabilities

SDLimage developers report: Fixed a number of security issues: TALOS-2019-0820 TALOS-2019-0821 TALOS-2019-0841 TALOS-2019-0842 TALOS-2019-0843 TALOS-2019-0844...

8.8CVSS3.3AI score0.04515EPSS
Exploits3References6
NVD
NVD
added 2019/05/20 5:29 p.m.20 views

CVE-2019-12219

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid free error in the SDL function SDLSetErrorREAL at SDLerror.c...

8.8CVSS8.4AI score0.02001EPSS
Exploits1References6
OSV
OSV
added 2019/05/20 5:29 p.m.8 views

CVE-2019-12216

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a heap-based buffer overflow in the SDL2image function IMGLoadPCXRW at IMGpcx.c...

6.5CVSS8.9AI score
Exploits0References6
OSV
OSV
added 2019/05/20 5:29 p.m.28 views

CVE-2019-12217

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL stdioread function in file/SDLrwops.c...

6.5CVSS6.6AI score
Exploits0References8
NVD
NVD
added 2019/05/20 5:29 p.m.18 views

CVE-2019-12221

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a SEGV in the SDL function SDLfreeREAL at stdlib/SDLmalloc.c...

6.5CVSS6.7AI score0.01969EPSS
Exploits1References8
OSV
OSV
added 2019/05/20 5:29 p.m.29 views

CVE-2019-12219

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid free error in the SDL function SDLSetErrorREAL at SDLerror.c...

8.8CVSS6.7AI score
Exploits0References6
OSV
OSV
added 2019/05/20 5:29 p.m.26 views

CVE-2019-12218

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL2image function IMGLoadPCXRW at IMGpcx.c...

6.5CVSS6.6AI score
Exploits0References8
Prion
Prion
added 2019/05/20 5:29 p.m.29 views

Null pointer dereference

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL stdioread function in file/SDLrwops.c...

4.3CVSS6.8AI score0.02269EPSS
Exploits1References8Affected Software2
Prion
Prion
added 2019/05/20 5:29 p.m.26 views

Design/Logic Flaw

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a SEGV in the SDL function SDLfreeREAL at stdlib/SDLmalloc.c...

4.3CVSS6.5AI score0.01969EPSS
Exploits1References8Affected Software7
Prion
Prion
added 2019/05/20 5:29 p.m.18 views

Heap overflow

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a heap-based buffer overflow in the SDL2image function IMGLoadPCXRW at IMGpcx.c...

4.3CVSS6.8AI score0.0221EPSS
Exploits1References6Affected Software5
UbuntuCve
UbuntuCve
added 2019/05/20 5:29 p.m.28 views

CVE-2019-12217

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL stdioread function in file/SDLrwops.c...

6.5CVSS6.8AI score0.02269EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/05/20 5:29 p.m.29 views

CVE-2019-12220

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an out-of-bounds read in the SDL function SDLFreePaletteREAL at video/SDLpixels.c...

6.5CVSS6.8AI score0.0187EPSS
Exploits1References2
Prion
Prion
added 2019/05/20 5:29 p.m.23 views

Design/Logic Flaw

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid free error in the SDL function SDLSetErrorREAL at SDLerror.c...

6.8CVSS8.6AI score0.02001EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2019/05/20 5:29 p.m.5 views

UBUNTU-CVE-2019-12217

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL stdioread function in file/SDLrwops.c...

6.5CVSS6.8AI score0.02269EPSS
Exploits1References3
Rows per page
Query Builder