| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-7635 |
3 Libsdl, Debian, Opensuse |
3 Simple Directmedia Layer, Debian Linux, Leap |
2019-07-22 |
6.8 |
| SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. |
| CVE-2019-5737 |
2 Nodejs, Opensuse |
2 Node.js, Leap |
2019-07-22 |
5.0 |
| In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very... |
| CVE-2019-5052 |
1 Libsdl |
1 Sdl2 Image |
2019-07-22 |
6.8 |
| An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and... |
| CVE-2019-12222 |
1 Libsdl |
1 Simple Directmedia Layer |
2019-07-22 |
4.3 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c. |
| CVE-2019-12221 |
1 Libsdl |
2 Sdl2 Image, Simple Directmedia Layer |
2019-07-22 |
4.3 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c. |
| CVE-2019-12220 |
1 Libsdl |
2 Sdl2 Image, Simple Directmedia Layer |
2019-07-22 |
4.3 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c. |
| CVE-2019-12219 |
1 Libsdl |
2 Sdl2 Image, Simple Directmedia Layer |
2019-07-22 |
6.8 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c. |
| CVE-2019-12218 |
1 Libsdl |
2 Sdl2 Image, Simple Directmedia Layer |
2019-07-22 |
4.3 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. |
| CVE-2019-12217 |
1 Libsdl |
2 Sdl2 Image, Simple Directmedia Layer |
2019-07-22 |
4.3 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c. |
| CVE-2019-12216 |
1 Libsdl |
2 Sdl2 Image, Simple Directmedia Layer |
2019-07-22 |
4.3 |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. |
| CVE-2018-3977 |
1 Libsdl |
1 Sdl2 Image |
2019-07-22 |
6.8 |
| An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted... |
| CVE-2019-2277 |
1 Qualcomm |
28 Msm8996au Firmware, Qcs405 Firmware, Qcs605 Firmware and 25 more |
2019-07-22 |
4.6 |
| Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU,... |
| CVE-2019-12551 |
|
|
2019-07-22 |
N/A |
| In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution. |
| CVE-2019-12552 |
|
|
2019-07-22 |
N/A |
| In SweetScape 010 Editor 9.0.1, an integer overflow during the initialization of variables could allow an attacker to cause a denial of service. |
| CVE-2019-2292 |
1 Qualcomm |
31 Mdm9150 Firmware, Mdm9650 Firmware, Msm8996au Firmware and 28 more |
2019-07-22 |
4.6 |
| Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650,... |
| CVE-2019-6822 |
1 Schneider-electric |
1 Zelio Soft 2 |
2019-07-22 |
6.8 |
| A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file. |
| CVE-2019-2269 |
1 Qualcomm |
24 Mdm9150 Firmware, Mdm9650 Firmware, Msm8996au Firmware and 21 more |
2019-07-22 |
7.5 |
| Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon... |
| CVE-2019-1010300 |
1 Mz-automation |
1 Libiec61850 |
2019-07-22 |
5.0 |
| mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. |
| CVE-2019-3414 |
|
|
2019-07-22 |
N/A |
| All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. Due to XSS, when an attacker invokes the security management to obtain the resources of the specified operation code owned by a user, the malicious script code... |
| CVE-2019-1579 |
1 Paloaltonetworks |
1 Pan-os |
2019-07-22 |
6.8 |
| Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. |
