MiracleLinux 3 : pango-1.14.9-8.AXS3.3 (AXSA:2011-317:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-317:02 advisory. Pango is a system for layout and rendering of internationalized text. Security issues fixed with this release: CVE-2011-3193 No information available at the...

MiracleLinux 3 : pango-1.14.9-8.AXS3 (AXSA:2010-147:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-147:02 advisory. Pango is a system for layout and rendering of internationalized text. Security issues fixed with this release: CVE-2010-0421 No description available at the...

MiracleLinux 3 : pango-1.14.9-8.AXS3.2 (AXSA:2011-15:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-15:01 advisory. Pango is a system for layout and rendering of internationalized text. Security issues fixed with this release: CVE-2011-0020 Heap-based buffer overflow in the...

EUVD-2013-0938

Malware in sbrugna...

EUVD-2009-1193

Malware in sbrugna...

Advisory ROSA-SA-2025-2687

Software: pango 1.42.4 OS: ROSA Virtualization 3.0 packageevrstring: pango-1.42.4-8 CVE-ID: CVE-2019-1010238 BDU-ID: 2019-02871 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the pangolog2visgetembeddinglevels function of the Pango library is related to an operation exceeding buffer boundaries...

K34508112: Pango vulnerability CVE-2019-1010238

Security Advisory Description Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vecto...

SUSE CVE-2019-1010238

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

Denial Of Service (DoS)

pango is vulnerable to denial of service. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition GDEF table from a font's character map and the Unicode property database. If an attacker created a...

NewStart CGSL CORE 5.05 / MAIN 5.05 : pango Vulnerability (NS-SA-2019-0232)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pango packages installed that are affected by a vulnerability: - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is:...

Arbitrary Code Execution

pango is vulnerable to arbitrary code execution. A heap-based buffer overflow in the function pangolog2visgetembeddinglevels allows a remote attacker to execute arbitrary code by passing malicious utf-8 strings to the pangoitemize function...

Ubuntu 19.04 : Pango vulnerability (USN-4081-1)

It was discovered that Pango incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically...

USN-3750-1: Pango vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Jeffrey M. discovered that Pango incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Affected Cloud Foundry Products and Versions Severity is medium...

Pango Denial of Service Vulnerability

Pango is an open-source library of free functions for high-quality rendering of internationalized text. A security vulnerability exists in libpango in versions prior to Pango 1.42.4 used in hexchat and other products. A remote attacker can exploit this vulnerability to cause a denial of service...

ALPINE-CVE-2018-15120

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted text with invalid Unicode sequences...

Ubuntu 18.04 LTS : Pango vulnerability (USN-3750-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3750-1 advisory. Jeffrey M. discovered that Pango incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Tenable has extracted...

qt/harfbuzz buffer overflow

Heap-based buffer overflow in the LookupMarkMarkPos function in the HarfBuzz module harfbuzz-gpos.c, as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

pango: Heap-based buffer overflow by rendering glyph box for certain FT_Bitmap objects

Heap-based buffer overflow in the pangoft2fontrenderboxglyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code...

CVE-2010-0421

Array index error in the hbotlayoutbuildglyphclasses function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service application crash via a crafted font file, related to building a synthetic Glyph Definition aka GDEF table by usin...

DEBIAN-CVE-2010-0421

Array index error in the hbotlayoutbuildglyphclasses function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service application crash via a crafted font file, related to building a synthetic Glyph Definition aka GDEF table by usin...