Every CVE whose affected-product data names Gnome Pango, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-1010238 — CVSS 9.8 (critical): Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code…
CVE-2011-3193 — CVSS 9.3 (critical): Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and…
CVE-2011-0020 — CVSS 7.6 (high): Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and…
CVE-2011-0064 — CVSS 6.8 (medium): The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory…
CVE-2018-15120 — CVSS 6.5 (medium): libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service…
CVE-2010-0421 — CVSS 4.3 (medium): Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows…