CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12217
https://notcve.org/view.php?id=CVE-2019-12217
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay una diferencia de puntero NULL en la función stdio_read de SDL at file/SDL_rwops.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-12216
https://notcve.org/view.php?id=CVE-2019-12216
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay un desbordamiento de búfer basado en saturación en la función IMG_LoadPCX_RW SDL2_image at IMG_pcx.c. • https://bugzilla.libsdl.org/show_bug.cgi?id=4619 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 7%CPEs: 13EXPL: 1CVE-2019-7637 – SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c
https://notcve.org/view.php?id=CVE-2019-7637
08 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene un desbordamiento de búfer basado en memoria dinámica (heap) en SDL_FillRect en video/SDL_surface.c. Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buffe... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 3%CPEs: 15EXPL: 1CVE-2019-7635 – SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c
https://notcve.org/view.php?id=CVE-2019-7635
08 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en Blit1to4 en video/SDL_blit_1.c. USN-4156-1 fixed several vulnerabilities in SDL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that SDL incorrectly handle... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 3%CPEs: 12EXPL: 1CVE-2019-7636 – SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c
https://notcve.org/view.php?id=CVE-2019-7636
08 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en SDL_GetRGB en video/SDL_pixels.c. Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buffer over... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 10EXPL: 1CVE-2019-7638 – SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c
https://notcve.org/view.php?id=CVE-2019-7638
08 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en Map1toN en video/SDL_pixels.c. It was discovered that SDL 2.0 mishandled crafted image files resulting in an integer overflow. If a user were tricked into opening a malicious file, SDL 2.0 could be caused to crash or... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2019-7572 – SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7572
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer en IMA_ADPCM_nibble en audio/SDL_wave.c. Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buffer over-read and buffer overflow vulnerabili... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2019-7573 – SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7573
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en InitMS_ADPCM en audio/SDL_wave.c (dentro del bucle wNumCoef). Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2019-7574 – SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7574
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en IMA_ADPCM_decode en audio/SDL_wave.c. Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buf... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 1CVE-2019-7575 – SDL: heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7575
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene un desbordamiento de búfer basado en memoria dinámica (heap) en MS_ADPCM_decode en audio/SDL_wave.c. USN-4156-1 fixed several vulnerabilities in SDL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that SDL incorrec... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •