Lucene search
K

363 matches found

Rockylinux
Rockylinux
added 2022/05/17 7:10 a.m.18 views

new packages: pango

An update is available for pango. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

2AI score
Exploits0
CBLMariner
CBLMariner
added 2022/04/26 7:57 p.m.14 views

CVE-2019-1010238 affecting package pango for versions less than 1.45.5-1

CVE-2019-1010238 affecting package pango for versions less than 1.45.5-1. This CVE either no longer is or was never applicable...

9.8CVSS9.6AI score0.06274EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/04/07 7:0 a.m.2 views

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

...

9.8CVSS8.1AI score0.06274EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2019-0235)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.06274EPSS
Exploits1References5
OSV
OSV
added 2021/11/09 8:47 a.m.7 views

ALEA-2021:4229 google-noto-emoji-fonts and pango bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
added 2021/11/09 8:47 a.m.25 views

google-noto-emoji-fonts and pango bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
Rockylinux
Rockylinux
added 2021/11/09 8:47 a.m.15 views

google-noto-emoji-fonts and pango bug fix and enhancement update

An update is available for google-noto-emoji-fonts, pango. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, s...

1.9AI score
Exploits0
Rosalinux
Rosalinux
added 2021/07/02 5:39 p.m.26 views

Advisory ROSA-SA-2021-1945

Software: pango 1.42.4 OS: Cobalt 7.9 CVE-ID: CVE-2020-17365 CVE-Crit: HIGH CVE-DESC: Incorrect directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier could allow an authorized user to potentially enable privilege escalation via local access. The...

7.8CVSS7.3AI score0.00379EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2018:2763-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.11499EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.28 views

CentOS 8 : pango (CESA-2019:2582)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:2582 advisory. - pango: pangolog2visgetembeddinglevels heap-based buffer overflow CVE-2019-1010238 Note that Nessus has not tested for this issue but has instead relied only o...

9.8CVSS8.4AI score0.06274EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/12/15 12:0 a.m.14 views

Virtuozzo 7 : pango / pango-devel / pango-tests (VZLSA-2019-2571)

An update for pango is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7.9AI score0.06274EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.25 views

FreeBSD : pango -- buffer overflow (456375e1-cd09-11ea-9172-4c72b94353b5)

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is : The heap based buffer overflow can be used to get code execution. The component is : function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

9.8CVSS8.3AI score0.06274EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.28 views

openSUSE Security Update : cairo (openSUSE-2020-1003)

This update for cairo fixes the following issues : - Fix a memory corruption in pango. - Revert 'Correctly decode Adobe CMYK JPEGs in PDF export'. - Add more FreeeType font color conversions to support COLR/CPAL. - Fix crash when rendering Microsoft's Segoe UI Emoji Regular font. - Fix memory lea...

7.5CVSS5.8AI score0.03463EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/06/04 12:0 a.m.40 views

Amazon Linux 2 : fribidi (ALAS-2020-1434)

The version of fribidi installed on the remote host is prior to 1.0.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1434 advisory. A buffer overflow in the fribidigetparembeddinglevelsex function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an...

7.8CVSS8.1AI score0.02182EPSS
Exploits0References3
CNVD
CNVD
added 2020/05/22 12:0 a.m.2 views

Unspecified Vulnerability in Pango AnchorFree VPN SDK

Pango AnchorFree VPN SDK is a VPN Virtual Private Network software development kit from Pango USA. A security vulnerability exists in Pango AnchorFree VPN SDK versions prior to 1.3.3.218. An attacker can exploit the vulnerability to execute malicious files with SYSTEM privileges...

10CVSS7.1AI score0.03278EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:59 a.m.31 views

Arbitrary Code Execution

pango is vulnerable to arbitrary code execution. The vulnerability exists as an input sanitization flaw, leading to a heap-based buffer overflow, was found in the way Pango displayed font files when using the FreeType font engine back end. If a user loaded a malformed font file with an applicatio...

7.6CVSS2.8AI score0.18944EPSS
Exploits1References18Affected Software2
Veracode
Veracode
added 2020/04/10 12:40 a.m.26 views

Denial Of Service (DoS)

pango is vulnerable to denial of service. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition GDEF table from a font's character map and the Unicode property database. If an attacker created a...

4.3CVSS1.9AI score0.02469EPSS
Exploits0References17Affected Software2
Veracode
Veracode
added 2020/04/10 12:34 a.m.24 views

Arbitrary Code Execution

pango is vulnerable to arbitrary code execution. The vulnerability exists as an integer overflow flaw in Pango's pangoglyphstringsetsize function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the permissions of the applicati...

6.8CVSS4.7AI score0.0413EPSS
Exploits2References34Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.25 views

EulerOS Virtualization for ARM 64 3.0.6.0 : fribidi (EulerOS-SA-2020-1351)

According to the version of the fribidi package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A buffer overflow in the fribidigetparembeddinglevelsex function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allow...

7.8CVSS8AI score0.02182EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/03/31 8:15 p.m.6 views

imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service

A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image...

5.5CVSS5.9AI score0.02302EPSS
Exploits0References4
Rows per page
Query Builder