Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cairographics cairo vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions before 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an applicat...
Cairographics Cairo
7.5
CVSSv3
CVE-2017-9814
cairo-truetype-subset.c in cairo 1.15.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
Cairographics Cairo
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-6461
An issue exists in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
Cairographics Cairo 1.16.0
1 Github repository
6.5
CVSSv3
CVE-2019-6462
An issue exists in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
Cairographics Cairo 1.16.0
1 Github repository
6.5
CVSSv3
CVE-2018-19876
cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error.
Cairographics Cairo 1.16.0
1 Github repository
6.5
CVSSv3
CVE-2018-18064
cairo up to and including 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_...
Cairographics Cairo
5.5
CVSSv3
CVE-2017-7475
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
Cairographics Cairo 1.15.4
1 Github repository
5.5
CVSSv3
CVE-2016-9082
Integer overflow in the write_png function in cairo 1.14.6 allows remote malicious users to cause a denial of service (invalid pointer dereference) via a large svg file.
Cairographics Cairo 1.14.6
NA
CVE-2014-5116
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent malicious users to cause a denial of service (NULL pointer dereference) via a large string.
Cairographics Cairo 1.10.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started