CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2019-14524
https://notcve.org/view.php?id=CVE-2019-14524
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. Se descubrió un problema en Schism Tracker a través de 20190722. Hay un desbordamiento de búfer basado en el montón a través de una gran cantidad de patrones de canciones en fmt_mtm_load_song en fmt / mtm.c, una vulnerabilidad diferente a CVE-2019-14465. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html https://github.com/schismtracker/schismtracker/issues/201 https://github.com/schismtracker/schismtracker/releases/tag/20190805 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2019-5060
https://notcve.org/view.php?id=CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la función de renderización de imágenes XPM de SDL2_image 2.0.4. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0844 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5059
https://notcve.org/view.php?id=CVE-2019-5059
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderización de imágenes XPM de SDL2_image 2.0.4. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0843 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5058
https://notcve.org/view.php?id=CVE-2019-5058
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderización de imágenes XCF de SDL2_image versión 2.0.4. Una imagen XCF especialmente diseñada puede causar un desbordamiento de la pila, resultando en la ejecución de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0842 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5057
https://notcve.org/view.php?id=CVE-2019-5057
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderización de imágenes PCX de SDL2_image versión 2.0.4. Una imagen PCX especialmente diseñada puede causar un desbordamiento de la pila, resultando en la ejecución de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0841 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •