Known Vulnerabilities for products from Graphviz
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Graphviz".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-58870 | Not Provided | 2025-09-05 | 2026-04-01 | |
| CVE-2020-18032 | Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute ... | 7.8 - HIGH | 2021-04-29 | 2023-11-07 |
| CVE-2019-11023 | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demons... | 8.8 - HIGH | 2019-04-08 | 2023-11-07 |
| CVE-2019-9904 | An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agc... | 6.5 - MEDIUM | 2019-03-21 | 2023-02-01 |
| CVE-2018-10196 | NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz ... | 5.5 - MEDIUM | 2018-05-30 | 2023-11-07 |
| CVE-2014-9157 | Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecif... | 7.5 - HIGH | 2014-12-03 | 2017-09-08 |
| CVE-2014-1236 | Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have un... | 10 - HIGH | 2014-01-10 | 2017-07-01 |
| CVE-2014-1235 | Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or... | 7.8 - HIGH | 2017-08-07 | 2017-08-29 |
| CVE-2014-0978 | Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have u... | 9.3 - HIGH | 2014-01-10 | 2017-08-29 |
| CVE-2008-4555 | Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earli... | 8.5 - HIGH | 2008-10-14 | 2018-10-11 |
| CVE-2005-4803 | graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this is... | 3.6 - LOW | 2005-12-31 | 2018-10-03 |
Known software with vulnerabilities from Graphviz
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Graphviz | Graphviz | 2.34.0 |