Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
110053.6%HIGH

Related CVEs

10
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-4980A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags.MEDIUM6.310.2%Mar 27, 2026
CVE-2021-42704Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code.HIGH7.8May 18, 2022
CVE-2021-42702Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information.LOW3.3May 18, 2022
CVE-2021-42700Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information.LOW3.3May 18, 2022
CVE-2012-6076Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.NONE38.5%Mar 12, 2013
CVE-2012-5656The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.MEDIUM5.563.2%Jan 18, 2013
CVE-2007-1463Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.NONE87.3%Mar 21, 2007
CVE-2007-1464Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.NONE86.7%Mar 21, 2007
CVE-2005-3885The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file.NONE26.9%Nov 29, 2005
CVE-2005-3737Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.NONE96.0%Nov 22, 2005