Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inkscape inkscape vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-42704
Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an malicious user to arbitrary execute code.
Inkscape Inkscape 0.91
5.5
CVSSv3
CVE-2012-5656
The rasterization process in Inkscape prior to 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.
Inkscape Inkscape
Fedoraproject Fedora 17
Fedoraproject Fedora 16
Fedoraproject Fedora 18
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.1
3.3
CVSSv3
CVE-2021-42702
Inkscape version 0.91 can access an uninitialized pointer, which may allow an malicious user to have access to unauthorized information.
Inkscape Inkscape 0.91
3.3
CVSSv3
CVE-2021-42700
Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an malicious user to have access to unauthorized information.
Inkscape Inkscape 0.91
NA
CVE-2012-6076
Inkscape prior to 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.
Inkscape Inkscape
Inkscape Inkscape 0.48
Inkscape Inkscape 0.48.3
Inkscape Inkscape 0.44
Inkscape Inkscape 0.43
Inkscape Inkscape 0.42
Inkscape Inkscape 0.42.2
Inkscape Inkscape 0.47
Inkscape Inkscape 0.48.2
Inkscape Inkscape 0.46
Inkscape Inkscape 0.44.1
Inkscape Inkscape 0.41
Inkscape Inkscape 0.39
Inkscape Inkscape 0.38.1
Inkscape Inkscape 0.48.1
Inkscape Inkscape 0.45.1
Inkscape Inkscape 0.40
Inkscape Inkscape 0.37
NA
CVE-2007-1463
Format string vulnerability in Inkscape prior to 0.45.1 allows user-assisted remote malicious users to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.
Inkscape Inkscape 0.44
Inkscape Inkscape 0.40
Inkscape Inkscape 0.41
Inkscape Inkscape 0.42.2
Inkscape Inkscape 0.43
Inkscape Inkscape 0.42
Inkscape Inkscape 0.42.1
NA
CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape prior to 0.45.1 allows user-assisted remote malicious users to execute arbitrary code via unspecified vectors.
Inkscape Inkscape
NA
CVE-2005-3885
The ps2epsi extension shell script (ps2epsi.sh) in Inkscape prior to 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file.
Inkscape Inkscape 0.41
NA
CVE-2005-3737
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 up to and including 0.42.2 might allow remote malicious users to execute arbitrary code via a SVG file with long CSS style property values.
Inkscape Inkscape 0.42.2
Inkscape Inkscape 0.41
Inkscape Inkscape 0.42
Inkscape Inkscape 0.42.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started