Lucene search
K

532 matches found

Veracode
Veracode
added 2019/05/02 5:18 a.m.30 views

Null Pointer Dereference

The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to cras...

8.5CVSS5.3AI score0.04923EPSS
Exploits0References18Affected Software1
Veracode
Veracode
added 2019/01/15 9:7 a.m.30 views

Denial Of Service (DoS)

libxfont is vulnerable to denial of service DoS attacks. The vulnerability exists as the bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly...

8.5CVSS6.8AI score0.04864EPSS
Exploits0References18Affected Software1
Veracode
Veracode
added 2019/01/15 8:55 a.m.18 views

Denial Of Service (Dos)

libXfont is vulnerable to denial of service. A stack-based buffer overflow occurs when the libXfont library parsed Glyph Bitmap Distribution Format BDF fonts with a long string in a character name. This allows a local attacker to crash the service or potentially execute arbitrary code with the...

9.3CVSS7AI score0.10254EPSS
Exploits1References18Affected Software1
Oracle linux
Oracle linux
added 2018/11/05 12:0 a.m.42 views

X.org X11 security, bug fix, and enhancement update

freeglut 3.0.0-8 - HTTPS URLs - Pin soname to libglut.so.3 in the %files glob 3.0.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 3.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora27BinutilsMassRebuild 3.0.0-5 - Rebuilt for...

9.8CVSS9.6AI score0.05907EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:30 a.m.27 views

Security Bulletin: Multiple vulnerabilities in xorg-x11-libs affect IBM Flex System Manager (FSM) (CVE2015-1802, CVE-2015-1803, CVE-2015-1804)

Summary Multiple security vulnerabilities have been discovered in xorg-x11-libs that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2015-1802 DESCRIPTION: X.Org libXfont could allow a local attacker to gain elevated privileges on the...

8.5CVSS2AI score0.04923EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:29 a.m.30 views

Security Bulletin: Vulnerabilities in libXfont affect PowerKVM (CVE-2015-1802, CVE-2015-1803, CVE-2015-1804)

Summary PowerKVM is affected by three vulnerabilities in libXfont. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-1802 DESCRIPTION: X.Org libXfont could allow a local attacker to gain elevated privileges on the system, caused by an error in bdfReadProperties in the...

8.5CVSS2.6AI score0.04923EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:30 p.m.34 views

Security Bulletin: Multiple vulnerabilities in cups, curl, libxfont affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in cups, curl, libxfont affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance CVE-2014-9679, CVE-2015-1158, CVE-2015-1159, CVE-2014-3613, CVE-2014-3707, CVE-2014-8150, CVE-2015-3143, CVE-2015-3148,CVE-2015-1802, CVE-2015-1803, CVE-2015-1804...

10CVSS1.2AI score0.29913EPSS
Exploits9Affected Software1
OpenVAS
OpenVAS
added 2018/03/14 12:0 a.m.26 views

Fedora Update for libXfont FEDORA-2018-e27b435a7f

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.0042EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/03/14 12:0 a.m.22 views

Fedora Update for libXfont FEDORA-2018-5a7cd68500

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.0042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/03/07 12:0 a.m.20 views

Fedora 27 : libXfont (2018-e27b435a7f)

Security fix for CVE-2017-16611 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.5CVSS6.3AI score0.0042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/03/07 12:0 a.m.20 views

Fedora 26 : libXfont (2018-5a7cd68500)

Security fix for CVE-2017-16611 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.5CVSS6.3AI score0.0042EPSS
Exploits0References2
Fedora
Fedora
added 2018/03/06 5:36 p.m.19 views

[SECURITY] Fedora 27 Update: libXfont-1.5.4-1.fc27

X.Org X11 libXfont runtime library...

5.5CVSS2.2AI score0.0042EPSS
Exploits0
Fedora
Fedora
added 2018/03/06 5:34 p.m.16 views

[SECURITY] Fedora 26 Update: libXfont-1.5.4-1.fc26

X.Org X11 libXfont runtime library...

5.5CVSS2.2AI score0.0042EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.21 views

Debian: Security Advisory (DLA-1126-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7AI score0.00442EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/02/02 12:0 a.m.20 views

SUSE SLED12 / SLES12 Security Update : libXfont (SUSE-SU-2018:0334-1)

This update for libXfont fixes several issues. These security issues were fixed : - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...

7.1CVSS6.5AI score0.00442EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/02/02 12:0 a.m.25 views

openSUSE Security Update : libXfont (openSUSE-2018-124)

This update for libXfont fixes several issues. These security issues were fixed : - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...

7.1CVSS6.5AI score0.00442EPSS
Exploits0References5
OSV
OSV
added 2018/02/01 8:32 a.m.8 views

SUSE-SU-2018:0334-1 Security update for libXfont

This update for libXfont fixes several issues. These security issues were fixed: - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...

7.1CVSS7AI score0.00442EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2018/01/22 10:58 p.m.30 views

CVE-2017-13720

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash denial of service. This occurs because '\0'...

7.1CVSS3.8AI score0.00442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/01/22 10:57 p.m.22 views

CVE-2017-13722

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check for PCF files could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server...

7.1CVSS2.5AI score0.00396EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.25 views

Fedora 27 : libXfont (2017-f3e5d31524)

Security fix for CVE-2017-13720 and CVE-2017-13722 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.1CVSS6.3AI score0.00442EPSS
Exploits0References3
Rows per page
Query Builder