Lucene search
+L

363 matches found

UbuntuCve
UbuntuCve
added 2019/07/19 12:0 a.m.18 views

CVE-2019-1010238

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

9.8CVSS7.4AI score0.06274EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2019/07/19 12:0 a.m.23 views

pango -- buffer overflow

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

9.8CVSS4.3AI score0.06274EPSS
Exploits1References2
CNVD
CNVD
added 2019/06/27 12:0 a.m.3 views

ImageMagick Uses Uninitialized Values Vulnerability (CNVD-2019-29236)

ImageMagick Studio ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A use of uninitialized values vulnerability exists in the ReadPANGOImage function in coders/pango.c in ImageMagick 7.0.8-34. No details of the vulnerability are provided ...

7.8CVSS6.8AI score0.01859EPSS
Exploits0References1
OSV
OSV
added 2019/06/26 6:15 p.m.1 views

DEBIAN-CVE-2019-12978

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c...

7.8CVSS8.4AI score0.01859EPSS
Exploits0References1
OSV
OSV
added 2019/06/26 6:15 p.m.9 views

UBUNTU-CVE-2019-12978

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c...

7.8CVSS6.9AI score0.01859EPSS
Exploits0References4
OSV
OSV
added 2019/06/26 6:15 p.m.11 views

UBUNTU-CVE-2019-12974

A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image...

5.5CVSS6.8AI score0.02302EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/06/26 12:0 a.m.5 views

PT-2019-5877 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8 through 7.0.34 Description: The issue is related to a NULL pointer dereference in the ReadPANGOImage and ReadVIDImage functions. This allows a remote attacker to cause a denial of service via a crafted image. There ...

9.8CVSS6.3AI score0.05916EPSS
Exploits69References486
Positive Technologies
Positive Technologies
added 2019/06/26 12:0 a.m.3 views

PT-2019-5879 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.8-34 Description: The issue is related to the use of an uninitialized value in the ReadPANGOImage function in coders/pango.c, which can lead to incorrect initialization. This can potentially allow a remote attacker to...

9.8CVSS6.5AI score0.05916EPSS
Exploits69References481
Tenable Nessus
Tenable Nessus
added 2019/04/22 12:0 a.m.32 views

GLSA-201811-07 : Pango: Denial of service

The remote host is affected by the vulnerability described in GLSA-201811-07 Pango: Denial of service Processing certain invalid Emoji sequences in a GTK+ application can trigger a reachable assertion resulting in an application crash. Impact : A remote attacker could provide a specially crafted...

6.5CVSS6.3AI score0.11499EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.30 views

openSUSE Security Update : pango (openSUSE-2019-707)

This update for pango fixes the following issue : Security issue fixed : - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

6.5CVSS6AI score0.11499EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : pango (SUSE-SU-2018:2763-1)

This update for pango fixes the following issues : Security issue fixed : CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

6.5CVSS6.1AI score0.11499EPSS
Exploits5References4
Cent OS
Cent OS
added 2018/11/15 6:43 p.m.813 views

PackageKit, accountsservice, adwaita, appstream, at, atk, baobab, bolt, brasero, cairo, cheese, clutter, compat, control, dconf, devhelp, ekiga, empathy, eog, evince, evolution, file, flatpak, folks, fontconfig, freetype, fribidi, fwupd, fwupdate, gcr, gdk, gdm, gedit, geoclue2, geocode, gjs, glade, glib, glib2, glibmm24, gnome, gnote, gobject, gom, google, grilo, gsettings, gspell, gssdp, gstreamer1, gtk, gtk3, gtksourceview3, gucharmap, gupnp, gvfs, harfbuzz, json, libappstream, libchamplain, libcroco, libgdata, libgee, libgepub, libgexiv2, libgnomekbd, libgovirt, libgtop2, libgweather, libgxps, libical, libmediaart, libosinfo, libpeas, librsvg2, libsecret, libsoup, libwayland, libwnck3, mozjs52, mutter, nautilus, openchange, osinfo, pango, poppler, python2, rest, rhythmbox, seahorse, shotwell, sushi, totem, upower, vala, valadoc, vino, vte, vte291, wayland, webkitgtk4, xdg, yelp, zenity security update

CentOS Errata and Security Advisory CESA-2018:3140 An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7AI score0.13207EPSS
Exploits19References7
Gentoo Linux
Gentoo Linux
added 2018/11/10 12:0 a.m.499 views

Pango: Denial of service

Background Library for layout and rendering of internationalized text. Description Processing certain invalid Emoji sequences in a GTK+ application can trigger a reachable assertion resulting in an application crash. Impact A remote attacker could provide a specially crafted Emoji sequences,...

6.5CVSS4AI score0.11499EPSS
Exploits5
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.15 views

openSUSE: Security Advisory for pango (openSUSE-SU-2018:2790-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.8AI score0.11499EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2018/10/02 12:0 a.m.28 views

FreeBSD : pango -- remote DoS vulnerability (5a757a31-f98e-4bd4-8a85-f1c0f3409769)

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted text with invalid Unicode sequences. C Tenable Network Security, Inc. The descriptive text a...

6.5CVSS6.4AI score0.11499EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2018/09/24 12:0 a.m.29 views

openSUSE Security Update : pango (openSUSE-2018-1026)

This update for pango fixes the following issue : Security issue fixed : - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

6.5CVSS6AI score0.11499EPSS
Exploits5References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/21 6:8 p.m.69 views

Security update for pango (moderate)

This update for pango fixes the following issue: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project...

4AI score0.11499EPSS
Exploits5References1
OSV
OSV
added 2018/09/20 6:6 a.m.4 views

SUSE-SU-2018:2763-1 Security update for pango

This update for pango fixes the following issues: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877...

6.5CVSS6.4AI score0.11499EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2018/09/14 12:0 a.m.23 views

Fedora Update for pango FEDORA-2018-83116f8692

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.11499EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2018/09/14 12:0 a.m.31 views

Fedora 27 : pango (2018-83116f8692)

Security fix for CVE-2018-15120 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

6.5CVSS6.2AI score0.11499EPSS
Exploits5References2
Rows per page
Query Builder