pango pango vulnerabilities and exploits
9.8
CVSSv3
CVE-2020-12828
An issue exists in AnchorFree VPN SDK prior to 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file...
Pango Virtual Private Network Software Development Kit
1 GitHub repository
1 Article
9.8
CVSSv3
CVE-2019-1010238
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug...
Gnome Pango
Oracle Sd-wan Edge 8.2
Oracle Sd-wan Edge 7.3
Oracle Sd-wan Edge 8.0
Oracle Sd-wan Edge 8.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 10.0
Canonical Ubuntu Linux 19.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Openshift Container Platform 4.1
Redhat Enterprise Linux Eus 8.1
7.8
CVSSv3
CVE-2020-17365
Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and previous versions may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local us...
Pango Hotspot Shield
7.8
CVSSv3
CVE-2019-18397
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi up to and including 1.0.7 allows a malicious user to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this ...
Gnu Fribidi
Debian Debian Linux 10.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2018-15120
libpango in Pango 1.40.8 up to and including 1.42.3, as used in hexchat and other products, allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
Gnome Pango
Canonical Ubuntu Linux 18.04
1 EDB exploit
NA
CVE-2013-0927
Google Chrome OS prior to 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows malicious users to byp...
Google Chrome Os 26.0.1410.44
Google Chrome Os 26.0.1410.15
Google Chrome Os 26.0.1410.19
Google Chrome Os 26.0.1410.9
Google Chrome Os 26.0.1410.25
Google Chrome Os 26.0.1410.22
Google Chrome Os 26.0.1410.3
Google Chrome Os 26.0.1410.10
Google Chrome Os 26.0.1410.29
Google Chrome Os 26.0.1410.26
Google Chrome Os 26.0.1410.7
Google Chrome Os 26.0.1410.31
Google Chrome Os 26.0.1410.46
Google Chrome Os
Google Chrome Os 26.0.1410.36
Google Chrome Os 26.0.1410.45
Google Chrome Os 26.0.1410.6
Google Chrome Os 26.0.1410.48
Google Chrome Os 26.0.1410.50
Google Chrome Os 26.0.1410.20
Google Chrome Os 26.0.1410.23
Google Chrome Os 26.0.1410.17
NA
CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt prior to 4.7.4 and Pango, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Gnome Pango
Qt Qt
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.1
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
NA
CVE-2011-0064
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) or ...
Gnome Pango 1.28.3
Mozilla Firefox
NA
CVE-2011-0020
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and previous versions, when the FreeType2 backend is enabled, allows user-assisted remote malicious users to cause a denial of service (application cr...
Pango Pango 1.7
Pango Pango 1.5
Pango Pango 1.6
Pango Pango 1.17
Pango Pango 0.23
Pango Pango 1.9
Pango Pango 1.11
Pango Pango 0.22
Pango Pango 1.14
Pango Pango 1.21
Pango Pango 1.27
Pango Pango 1.1
Pango Pango 1.26
Pango Pango 1.16
Pango Pango 0.24
Pango Pango 1.8
Pango Pango 0.25
Pango Pango 1.4
Pango Pango 1.24
Pango Pango 1.19
Pango Pango 1.0
Pango Pango 1.15
1 EDB exploit
NA
CVE-2010-0421
Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango prior to 1.27.1 allows context-dependent malicious users to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph D...
Gnome Pango