BigFix Patch Download Plug-ins are affected by an insecure protocol support. Rated low severity (CVSS 2.8). No vendor patch available.
BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. Rated low severity (CVSS 2.5). No vendor patch available.
BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. Rated low severity (CVSS 2.5). No vendor patch available.
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. Rated low severity (CVSS 2.5). No vendor patch available.
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component gray_record_cell. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component composition_source_over. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug via the component plutovg_surface_create. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_path_add_path. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. Rated low severity (CVSS 2.5). No vendor patch available.