MiracleLinux 8 : cairo-1.15.12-6.el8, pixman-0.38.4-2.el8 (AXSA:2022-3446:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3446:01 advisory. cairo: libreoffice slideshow aborts with stack smashing in cairo's compositeboxes CVE-2020-35492 Tenable has extracted the preceding description block direct...

JLSEC-2025-12 cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of ser...

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...

EUVD-2014-1604

Malware in sbrugna...

EUVD-2016-6247

Malware in sbrugna...

EUVD-2017-18729

Malware in sbrugna...

EUVD-2007-5478

Malware in sbrugna...

EUVD-2017-0342

Malware in sbrugna...

EUVD-2020-23161

Malware in sbrugna...

EUVD-2016-4231

Malware in sbrugna...

Amazon Linux 2 : cairo, --advisory ALAS2-2025-2989 (ALAS-2025-2989)

The version of cairo installed on the remote host is prior to 1.15.12-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2989 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program...

Linux Distros Unpatched Vulnerability : CVE-2020-35492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...

Alibaba Cloud Linux 3 : 0202: cairo and pixman (ALINUX3-SA-2022:0202)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0202 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-35492: A flaw was found in cairo's...

PT-2023-19311 · Openzeppelin · Openzeppelin Contracts For Cairo

Name of the Vulnerable Software and Affected Versions: OpenZeppelin Contracts for Cairo versions prior to 0.6.1 Description: The issue is related to the is valid eth signature function missing a call to finalize keccak after calling verify eth signature. This allows a malicious sequencer to bypas...

PT-2020-6179 · Cairo +7 · Cairo +7

Name of the Vulnerable Software and Affected Versions: cairo versions prior to 1.17.4 Description: A flaw was found in cairo's image-compositor.c, allowing an attacker who can provide a crafted input file to cause a stack buffer overflow, resulting in an out-of-bounds WRITE. This can lead to...

Cairo: Denial of service

Background Cairo is a 2D vector graphics library with cross-device output support. Description Multiple vulnerabilities have been discovered in Cairo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There ...

UBUNTU-CVE-2018-18064

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c the generate and renderrows functions and cairo-image-compositor.c the cairoimagespansandzero function...

CVE-2017-7475

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FTLoadGlyph and FTRenderGlyph resulting in an application crash...

CVE-2017-7475

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FTLoadGlyph and FTRenderGlyph resulting in an application crash...

CVE-2017-7475

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FTLoadGlyph and FTRenderGlyph resulting in an application crash...

CVE-2017-7475

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FTLoadGlyph and FTRenderGlyph resulting in an application crash...