cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-1010238,https://securityvulnerability.io/vulnerability/CVE-2019-1010238,,"Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.",Gnome,Pango,9.8,CRITICAL,0.00965999998152256,false,,false,false,false,,,false,false,,2019-07-19T16:42:41.000Z,0
CVE-2018-15120,https://securityvulnerability.io/vulnerability/CVE-2018-15120,,"libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.",Gnome,Pango,6.5,MEDIUM,0.015399999916553497,false,,false,false,false,,,false,false,,2018-08-24T19:00:00.000Z,0
CVE-2010-0421,https://securityvulnerability.io/vulnerability/CVE-2010-0421,,"Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.",Gnome,Pango,,,0.0024999999441206455,false,,false,false,false,,,false,false,,2010-03-18T17:12:00.000Z,0