Skip to main content

Pixman

5 CVEs product

Monthly

CVE-2023-37769 MEDIUM POC This Month

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pixman
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-44638 HIGH POC This Week

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Pixman Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2014-9766 CRITICAL PATCH Act Now

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.1%.

RCE Denial Of Service Pixman Ubuntu Linux
NVD
CVSS 3.0
9.8
EPSS
14.1%
CVE-2013-6425 MEDIUM PATCH This Month

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman Ubuntu Linux Debian Linux +7
NVD
CVSS 2.0
5.0
EPSS
3.0%
CVE-2013-6424 MEDIUM PATCH This Month

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman Debian Linux Opensuse +1
NVD
CVSS 2.0
5.0
EPSS
6.8%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pixman
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Pixman +2
NVD
EPSS 14% CVSS 9.8
CRITICAL PATCH Act Now

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.1%.

RCE Denial Of Service Pixman +1
NVD
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman +9
NVD
EPSS 7% CVSS 5.0
MEDIUM PATCH This Month

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy