363 matches found
CVE-2019-1010238
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...
pango -- buffer overflow
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...
ImageMagick Uses Uninitialized Values Vulnerability (CNVD-2019-29236)
ImageMagick Studio ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A use of uninitialized values vulnerability exists in the ReadPANGOImage function in coders/pango.c in ImageMagick 7.0.8-34. No details of the vulnerability are provided ...
DEBIAN-CVE-2019-12978
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c...
UBUNTU-CVE-2019-12978
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c...
UBUNTU-CVE-2019-12974
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image...
PT-2019-5877 · Imagemagick +4 · Imagemagick +4
Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8 through 7.0.34 Description: The issue is related to a NULL pointer dereference in the ReadPANGOImage and ReadVIDImage functions. This allows a remote attacker to cause a denial of service via a crafted image. There ...
PT-2019-5879 · Imagemagick +4 · Imagemagick +4
Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.8-34 Description: The issue is related to the use of an uninitialized value in the ReadPANGOImage function in coders/pango.c, which can lead to incorrect initialization. This can potentially allow a remote attacker to...
GLSA-201811-07 : Pango: Denial of service
The remote host is affected by the vulnerability described in GLSA-201811-07 Pango: Denial of service Processing certain invalid Emoji sequences in a GTK+ application can trigger a reachable assertion resulting in an application crash. Impact : A remote attacker could provide a specially crafted...
openSUSE Security Update : pango (openSUSE-2019-707)
This update for pango fixes the following issue : Security issue fixed : - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
SUSE SLED15 / SLES15 Security Update : pango (SUSE-SU-2018:2763-1)
This update for pango fixes the following issues : Security issue fixed : CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
PackageKit, accountsservice, adwaita, appstream, at, atk, baobab, bolt, brasero, cairo, cheese, clutter, compat, control, dconf, devhelp, ekiga, empathy, eog, evince, evolution, file, flatpak, folks, fontconfig, freetype, fribidi, fwupd, fwupdate, gcr, gdk, gdm, gedit, geoclue2, geocode, gjs, glade, glib, glib2, glibmm24, gnome, gnote, gobject, gom, google, grilo, gsettings, gspell, gssdp, gstreamer1, gtk, gtk3, gtksourceview3, gucharmap, gupnp, gvfs, harfbuzz, json, libappstream, libchamplain, libcroco, libgdata, libgee, libgepub, libgexiv2, libgnomekbd, libgovirt, libgtop2, libgweather, libgxps, libical, libmediaart, libosinfo, libpeas, librsvg2, libsecret, libsoup, libwayland, libwnck3, mozjs52, mutter, nautilus, openchange, osinfo, pango, poppler, python2, rest, rhythmbox, seahorse, shotwell, sushi, totem, upower, vala, valadoc, vino, vte, vte291, wayland, webkitgtk4, xdg, yelp, zenity security update
CentOS Errata and Security Advisory CESA-2018:3140 An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Pango: Denial of service
Background Library for layout and rendering of internationalized text. Description Processing certain invalid Emoji sequences in a GTK+ application can trigger a reachable assertion resulting in an application crash. Impact A remote attacker could provide a specially crafted Emoji sequences,...
openSUSE: Security Advisory for pango (openSUSE-SU-2018:2790-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FreeBSD : pango -- remote DoS vulnerability (5a757a31-f98e-4bd4-8a85-f1c0f3409769)
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted text with invalid Unicode sequences. C Tenable Network Security, Inc. The descriptive text a...
openSUSE Security Update : pango (openSUSE-2018-1026)
This update for pango fixes the following issue : Security issue fixed : - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
Security update for pango (moderate)
This update for pango fixes the following issue: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project...
SUSE-SU-2018:2763-1 Security update for pango
This update for pango fixes the following issues: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877...
Fedora Update for pango FEDORA-2018-83116f8692
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : pango (2018-83116f8692)
Security fix for CVE-2018-15120 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...