Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
graphviz graphviz - vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote malicious users to cause a denial of service (application crash) via a crafted file.
Graphviz Graphviz 2.40.1
Fedoraproject Fedora 27
Fedoraproject Fedora 28
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
NA
CVE-2005-2965
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2005-4802 and CVE-200...
NA
CVE-2014-1243
Apple QuickTime prior to 7.7.5 does not initialize an unspecified pointer, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
Apple Quicktime 7.0.0
Apple Quicktime 7.0.1
Apple Quicktime 7.0.2
Apple Quicktime 7.0.3
Apple Quicktime 7.0.4
Apple Quicktime 7.4.0
Apple Quicktime 7.4.1
Apple Quicktime 7.4.5
Apple Quicktime 7.5.0
Apple Quicktime 7.66.71.0
Apple Quicktime 7.67.75.0
Apple Quicktime 7.68.75.0
Apple Quicktime 7.69.80.9
Apple Quicktime
Apple Quicktime 7.1.1
Apple Quicktime 7.1.3
Apple Quicktime 7.2.1
Apple Quicktime 7.3.1
Apple Quicktime 7.6.0
Apple Quicktime 7.6.2
Apple Quicktime 7.62.14.0
Apple Quicktime 7.65.17.80
NA
CVE-2015-10131
A vulnerability was found in chrisy TFO Graphviz Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function admin_page_load/admin_page of the file tfo-graphviz-admin.php. The manipulation leads to cross site scripting. The attack may be la...
9.8
CVSSv3
CVE-2021-23352
This affects the package madge prior to 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() functions are called, is executed by the childprocess.exec function.
Madge Project Madge
8.8
CVSSv3
CVE-2021-21406
Combodo iTop is an open source, web based IT Service Management tool. In versions before 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable path. The vulnerability is patched in version 2.7.4 and 3.0.0.
Combodo Itop
Combodo Itop 2.7.5
Combodo Itop 2.7.5-1
NA
CVE-2003-0602
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x prior to 2.16.3 and 2.17.x prior to 2.17.4 allow remote malicious users to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA ...
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.17.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2