Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-18584 | 7 Cabextract Project, Canonical, Debian and 4 more | 7 Cabextract, Ubuntu Linux, Debian Linux and 4 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. | |||||
CVE-2018-3839 | 3 Debian, Libsdl, Starwindsoftware | 3 Debian Linux, Sdl Image, Starwind Virtual San | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
CVE-2018-3837 | 3 Debian, Libsdl, Starwindsoftware | 3 Debian Linux, Sdl Image, Starwind Virtual San | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure . An attacker can display a specially crafted image to trigger this vulnerability. |