CVE-2026-35444

SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...

EUVD-2017-12028

Malware in sbrugna...

EUVD-2008-0554

Malware in sbrugna...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : VLC media player vulnerabilities (USN-6180-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6180-1 advisory. It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into...

Mageia: Security Advisory (MGASA-2018-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0276)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0397)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0363)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

Memory corruption

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

Ubuntu 16.04 LTS / 18.04 LTS : SDL_image vulnerabilities (USN-4238-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4238-1 advisory. It was discovered that SDLimage incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of servi...

USN-4238-1: SDL_image vulnerabilities

It was discovered that SDLimage incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

Updated SDL_image packages fix security vulnerabilities

The updated packages fix security vulnerabilities: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted imag...

Security update for SDL_image (moderate)

openSUSE Security Update: Security update for SDLimage Announcement ID: openSUSE-SU-2019:2109-1 Rating: moderate References: 1124827 1140421 1141844 1143763 1143764 1143766 1143768 Cross-References: CVE-2019-13616 CVE-2019-5052 CVE-2019-5057 CVE-2019-5058 CVE-2019-5059 CVE-2019-5060 CVE-2019-7635...

openSUSE: Security Advisory for SDL_image (openSUSE-SU-2019:2071-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : SDL_image (openSUSE-2019-2071)

This update for SDLimage fixes the following issues : Update SDLImage to new snapshot 1.2.12+hg695. Security issues fixed : - TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file boo1140421 - TALOS-2019-0841 CVE-2019-5057: code execution vulnerability ...

Security update for SDL_image (moderate)

openSUSE Security Update: Security update for SDLimage Announcement ID: openSUSE-SU-2019:2071-1 Rating: moderate References: 1124827 1140421 1141844 1143763 1143764 1143766 1143768 Cross-References: CVE-2019-13616 CVE-2019-5052 CVE-2019-5057 CVE-2019-5058 CVE-2019-5059 CVE-2019-5060 CVE-2019-7635...