Vulnerabilities (CVE)

Filter

70768 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-7635 3 Libsdl, Debian, Opensuse 3 Simple Directmedia Layer, Debian Linux, Leap 2019-07-22 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
CVE-2019-5737 2 Nodejs, Opensuse 2 Node.js, Leap 2019-07-22 5.0
In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very...
CVE-2019-5052 1 Libsdl 1 Sdl2 Image 2019-07-22 6.8
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and...
CVE-2019-12222 1 Libsdl 1 Simple Directmedia Layer 2019-07-22 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c.
CVE-2019-12221 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
CVE-2019-12220 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.
CVE-2019-12219 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 6.8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.
CVE-2019-12218 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2019-12217 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.
CVE-2019-12216 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2018-3977 1 Libsdl 1 Sdl2 Image 2019-07-22 6.8
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted...
CVE-2019-2277 1 Qualcomm 28 Msm8996au Firmware, Qcs405 Firmware, Qcs605 Firmware and 25 more 2019-07-22 4.6
Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU,...
CVE-2019-2292 1 Qualcomm 31 Mdm9150 Firmware, Mdm9650 Firmware, Msm8996au Firmware and 28 more 2019-07-22 4.6
Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650,...
CVE-2019-6822 1 Schneider-electric 1 Zelio Soft 2 2019-07-22 6.8
A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file.
CVE-2019-1010300 1 Mz-automation 1 Libiec61850 2019-07-22 5.0
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
CVE-2019-1579 1 Paloaltonetworks 1 Pan-os 2019-07-22 6.8
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.
CVE-2019-14214 1 Foxitsoftware 1 Phantompdf 2019-07-22 5.0
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function.
CVE-2019-14213 1 Foxitsoftware 1 Phantompdf 2019-07-22 5.0
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.
CVE-2019-14212 1 Foxitsoftware 1 Phantompdf 2019-07-22 5.0
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object.
CVE-2019-14211 1 Foxitsoftware 1 Phantompdf 2019-07-22 5.0
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.