CVE-2019-7578
- EPSS 2.91%
- Veröffentlicht 07.02.2019 07:29:01
- Zuletzt bearbeitet 21.11.2024 04:48:21
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
CVE-2019-7572
- EPSS 2.81%
- Veröffentlicht 07.02.2019 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:20
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
CVE-2019-7573
- EPSS 2.96%
- Veröffentlicht 07.02.2019 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:20
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
CVE-2019-7574
- EPSS 2.81%
- Veröffentlicht 07.02.2019 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:21
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7575
- EPSS 2.96%
- Veröffentlicht 07.02.2019 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:21
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7576
- EPSS 2.95%
- Veröffentlicht 07.02.2019 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:21
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
CVE-2019-7577
- EPSS 2.99%
- Veröffentlicht 07.02.2019 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:21
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
CVE-2019-3463
- EPSS 4.87%
- Veröffentlicht 06.02.2019 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:05
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
CVE-2019-3464
- EPSS 4.7%
- Veröffentlicht 06.02.2019 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:05
Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
CVE-2019-1000018
- EPSS 1.88%
- Veröffentlicht 04.02.2019 21:29:01
- Zuletzt bearbeitet 19.03.2025 20:15:15
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An aut...