CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4743 – Gentoo Linux Security Advisory 202305-18
https://notcve.org/view.php?id=CVE-2022-4743
12 Jan 2023 — A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected. Multiple vulnerabilities have been found in libsdl2, the worst of which could result in arbitrary code execution. • https://access.redhat.com/security/cve/CVE-2022-4743 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33657 – Gentoo Linux Security Advisory 202305-18
https://notcve.org/view.php?id=CVE-2021-33657
01 Apr 2022 — There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution. Se presenta un problema de desbordamiento de pila en el archivo video/SDL_pixels.c en SDL (Simple DirectMedia Layer) versiones 2.x a 2.0.18. Al diseñar un archivo .BMP malicioso, un atacante puede causar el bloqueo de la aplicación que usa esta biblioteca, una... • https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2019-14906 – SDL: not fixed in Red Hat Enterprise Linux 7 erratum RHSA-2019:3950
https://notcve.org/view.php?id=CVE-2019-14906
02 Dec 2019 — A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the applica... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14906 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 4%CPEs: 23EXPL: 1CVE-2019-13616 – SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c
https://notcve.org/view.php?id=CVE-2019-13616
16 Jul 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. hasta 2.0.9, presenta una lectura excesiva del búfer en la región heap de la memoria en BlitNtoN en el archivo video/SDL_blit_N.c cuando es llamado desde SDL_SoftBlit en el archivo video/SDL_blit.c. A heap-based buffer overflow was discovered in SDL in the SDL_BlitCopy() function, that was called while copying an existing s... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12222
https://notcve.org/view.php?id=CVE-2019-12222
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c. Se descubrió un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9. Hay una lectura fuera de límites en la función SDL_InvalidateMap at video/SDL_pixels.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 1CVE-2019-12221
https://notcve.org/view.php?id=CVE-2019-12221
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay un SEGV en la función SDL SDL_free_REAL at stdlib / SDL_malloc.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12220
https://notcve.org/view.php?id=CVE-2019-12220
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay una lectura de fuera de límites en la función SDL_FreePalette_REAL de SDL at video / SDL_pixels.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12219 – Ubuntu Security Notice USN-4238-1
https://notcve.org/view.php?id=CVE-2019-12219
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay un error gratuito no válido en la función SDL_SetError_REAL de SDL en SDL_error.c. It was discovered that SDL_image incorrectly handled certai... • https://bugzilla.libsdl.org/show_bug.cgi?id=4625 • CWE-415: Double Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12218
https://notcve.org/view.php?id=CVE-2019-12218
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay una diferencia de puntero NULL en la function SDL2_image IMG_LoadPCX_RW at IMG_pcx.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12217
https://notcve.org/view.php?id=CVE-2019-12217
20 May 2019 — An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c. Se detectó un problema en libSDL2.a en Simple DirectMedia Layer (SDL) 2.0.9 cuando se usa junto con libSDL2_image.a en SDL2_image 2.0.4. Hay una diferencia de puntero NULL en la función stdio_read de SDL at file/SDL_rwops.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html • CWE-476: NULL Pointer Dereference •