Vulnerabilities > Graphviz > Graphviz > 2.34.0

DATE CVE VULNERABILITY TITLE RISK
2021-04-29 CVE-2020-18032 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
local
low complexity
graphviz debian fedoraproject CWE-120
7.8
7.8
2017-08-07 CVE-2014-1235 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphviz 2.34.0
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.
network
graphviz CWE-119
6.8
6.8
2014-01-10 CVE-2014-0978 Buffer Errors vulnerability in Graphviz 2.34.0
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.
network
graphviz CWE-119
critical
 9.3
9.3
2014-01-10 CVE-2014-1236 Buffer Errors vulnerability in Graphviz 2.34.0
Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list."
network
low complexity
graphviz CWE-119
critical
 10.0
10