High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-08	CVE-2019-7635	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. network low complexity libsdl opensuse debian fedoraproject canonical CWE-125	8.1
2019-02-07	CVE-2019-7578	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c. network low complexity libsdl opensuse debian fedoraproject canonical CWE-125	8.1
2019-02-07	CVE-2019-7577	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. network low complexity libsdl opensuse debian fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7576	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7575	Out-of-bounds Write vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c. network low complexity libsdl debian opensuse fedoraproject canonical CWE-787	8.8
2019-02-07	CVE-2019-7574	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7573	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7572	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. network low complexity libsdl debian opensuse canonical fedoraproject CWE-125	8.8
2019-02-04	CVE-2019-1000018	Command Injection vulnerability in multiple products rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. local low complexity pizzashack debian fedoraproject canonical CWE-77	7.8
2019-02-03	CVE-2019-7310	Incorrect Conversion between Numeric Types vulnerability in multiple products In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. local low complexity freedesktop canonical debian fedoraproject redhat CWE-681	7.8