Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : librsvg2-2.42.7-4.0.1.el8 (AXSA:2021-1255:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1255:01 advisory. librsvg: Resource exhaustion via crafted SVG file with nested patterns CVE-2019-20446 Tenable has extracted the preceding description block directly from the...

6.5CVSS5.5AI score0.02125EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-3114

Malware in sbrugna...

6.8CVSS8.9AI score0.04418EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7471

Malware in sbrugna...

7.5CVSS7.4AI score0.02084EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-4321

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.02399EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/07/22 12:0 a.m.2 views

librsvg 路径遍历漏洞

librsvg is the GNOME project's library for rendering SVG images to the Cairo surface, which is used by GNOME to render SVG icons. It is used by GNOME to render SVG icons. It is also used by other desktop environments outside of GNOME for similar purposes. Wikimedia uses it for Wikipedia's SVG...

5.5CVSS6.2AI score0.02132EPSS
Exploits1References16
SUSE CVE
SUSE CVE
added 2023/02/15 5:3 a.m.3 views

SUSE CVE-2016-4348

The rsvgcssnormalizefontsize function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service stack consumption and application crash via circular definitions in an SVG document...

7.5CVSS6.8AI score0.02427EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.3 views

SUSE CVE-2018-1000041

GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable v...

8.8CVSS7AI score0.02239EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2021/01/14 12:0 a.m.5 views

The vulnerability of many functions in the librsvg vector graphics rendering library, related to a resource management mechanism error, allows attackers to cause service failures.

The vulnerability of many functions in the librsvg vector graphics rendering library is related to a resource management mechanism error. Exploiting this vulnerability allows an attacker to cause service interruptions...

6.5CVSS6.9AI score0.02125EPSS
Exploits0References12Affected Software5
Veracode
Veracode
added 2020/11/05 3:18 a.m.29 views

Denial Of Service (DoS)

librsvg is vulnerable to denial of service. An attacker is able to cause a resource exhaustion via a malicious SVG file containing nested patterns...

6.5CVSS4.4AI score0.02125EPSS
Exploits0References12Affected Software1
CNVD
CNVD
added 2020/01/16 12:0 a.m.2 views

GNOME librsvg xml.rs file denial of service vulnerability

GNOME librsvg is an open source SVG graphics development library for the GNOME project. A security vulnerability exists in the xml.rs file in GNOME librsvg versions prior to 2.46.2. An attacker can exploit this vulnerability to cause a denial of service with a specially crafted SVG file...

6.5CVSS8.3AI score0.02125EPSS
Exploits0References1
OSV
OSV
added 2016/05/20 2:59 p.m.7 views

CVE-2015-7557

The rsvgnodepolybuildpath function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service out-of-bounds heap read via an odd number of elements in a coordinate pair in an SVG document...

7.5CVSS7.3AI score
Exploits0References3
Debian CVE
Debian CVE
added 2016/05/20 2:0 p.m.38 views

CVE-2016-4348

The rsvgcssnormalizefontsize function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service stack consumption and application crash via circular definitions in an SVG document...

7.5CVSS7.2AI score0.02427EPSS
Exploits0
CNVD
CNVD
added 2016/05/17 12:0 a.m.6 views

librsvg2 Out-of-Bounds Heap Read Vulnerability

librsvg2 is an SVG rendering engine written in C. It can be used to render a number of SVG files. A security vulnerability exists in librsvg2. An attacker can exploit this vulnerability to cause an out-of-bounds heap read with an SVG file...

7.5CVSS7.6AI score0.02084EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/30 12:0 a.m.5 views

LibRSVG '_rsvg_css_normalize_font_size' function denial of service vulnerability

LibRSVG is a SVG rendering engine written in C . A security vulnerability in the 'rsvgcssnormalizefontsize' function of LibRSVG allows remote attackers to cause a denial-of-service attack by exploiting the vulnerability to crash applications linking to this library...

7.5CVSS7.7AI score0.02427EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/03/18 12:0 a.m.27 views

Ubuntu 12.04 LTS / 12.10 / 13.10 : librsvg vulnerability (USN-2149-1)

It was discovered that librsvg would load XML external entities by default. If a user were tricked into viewing a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files. Note that Tenable Network Security has extracted the preceding description block directly from...

4.3CVSS5.7AI score0.03197EPSS
Exploits0References2
Prion
Prion
added 2012/09/05 11:55 p.m.15 views

Null pointer dereference

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as ...

6.8CVSS7.9AI score0.04418EPSS
Exploits1References10Affected Software1
UbuntuCve
UbuntuCve
added 2011/09/06 12:0 a.m.15 views

CVE-2011-3146

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as ...

6.8CVSS7.5AI score0.04418EPSS
Exploits1References2
Rows per page
Query Builder