Download
| Alert*
oval:org.secpod.oval:def:106776
graphviz is installed oval:org.secpod.oval:def:21823 The host is installed with Graphviz 2.34.0 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle vectors related to a "badly formed number" and a "long digit list". Successful exploitation allows remote attackers to have uns ... oval:org.secpod.oval:def:21827 The host is installed with Graphviz 2.34.0 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long line in a dot file. Successful exploitation allows remote attackers to have unspecified impact. oval:org.secpod.oval:def:1200165 Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string. oval:org.secpod.oval:def:106402 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:108015 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:108016 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:601872 Joshua Rogers discovered a format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing tools. An attacker could use this flaw to cause graphviz to crash or possibly execute arbitrary code. oval:org.secpod.oval:def:52361 graphviz: rich set of graph drawing tools graphviz could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:106418 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:108150 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:1600000 Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list." Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2 ... oval:org.secpod.oval:def:1600128 Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. oval:org.secpod.oval:def:702326 graphviz: rich set of graph drawing tools graphviz could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701902 graphviz is installed oval:org.secpod.oval:def:701545 graphviz: rich set of graph drawing tools Graphviz could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:601194 Two buffer overflow vulnerabilities were reported in Graphviz, a rich collection of graph drawing tools. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2014-0978 It was discovered that user-supplied input used in the yyerror function in lib/cgraph/scan.l is not ... oval:org.secpod.oval:def:89050231 This update for graphviz fixes the following issues: - CVE-2018-10196: Fixed a null dereference in rebuild_vlis . oval:org.secpod.oval:def:116646 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:116346 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:1601003 The agroot function in cgraph\obj.c in libcgraph.a in Graphviz has a NULL pointer dereference, as demonstrated by graphml2gv oval:org.secpod.oval:def:114568 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:2001311 NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:114571 A collection of tools for the manipulation and layout of graphs . oval:org.secpod.oval:def:1505274 [2.40.1-43] - Fixed races during pdf documentation build which should build docs correctly Related: CVE-2020-18032 [2.40.1-42] - Rebuilt, because pdf documentation were built incorrectly Related: CVE-2020-18032 [2.40.1-41] - Fixed buffer overflow in lib/common/shapes.c Resolves: CVE-2020-18032 oval:org.secpod.oval:def:95046 graphviz: rich set of graph drawing tools Several security issues were fixed in graphviz. oval:org.secpod.oval:def:4501259 Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. It has important applications in networking, bioinformatics, software engineering, database and web design, machine learning, and in ... oval:org.secpod.oval:def:708490 graphviz: rich set of graph drawing tools Several security issues were fixed in graphviz. oval:org.secpod.oval:def:89047159 This update for graphviz fixes the following issues: - CVE-2020-18032: Fixed possible remote code execution via buffer overflow . oval:org.secpod.oval:def:71918 A buffer overflow was discovered in Graphviz, which could potentially result in the execution of arbitrary code when processing a malformed file. oval:org.secpod.oval:def:2500441 Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. It has important applications in networking, bioinformatics, software engineering, database and web design, machine learning, and in ... oval:org.secpod.oval:def:708847 graphviz: rich set of graph drawing tools Graphviz could be made to crash if it opened a specially crafted config6a file. oval:org.secpod.oval:def:89051783 This update for graphviz fixes the following issues: * CVE-2023-46045: Fixed out-of-bounds read via a crafted config6a file oval:org.secpod.oval:def:3302513 Security update for graphviz |