Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized...
3.3CVSS
4AI Score
0.0005EPSS
Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized...
3.3CVSS
4AI Score
0.0005EPSS
Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute...
7.8CVSS
7.6AI Score
0.001EPSS
Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified...
6.2AI Score
0.0004EPSS
The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection...
5.5CVSS
6.2AI Score
0.001EPSS
Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified...
7.4AI Score
0.112EPSS
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain...
7.3AI Score
0.176EPSS
The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary...
6.1AI Score
0.0004EPSS
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property...
7.7AI Score
0.219EPSS