fontforge security update
20200314-7 - Resolves: RHEL-138168 CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability - Resolves: RHEL-138174 CVE-2025-15279 GUtils BMP File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138190 CVE-2025-15275 SFD File Parsing Heap-based Buffer Overflow - Resolves: RHEL-1381...
Exploit for Command Injection in Fontforge
⚠️ FontForge RCE — CVE-2024-25081 & CVE-2024-25082 - PoC 📖...
Important: Red Hat Security Advisory: fontforge security update
An update for fontforge is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
CVE-2024-25081 vulnerabilities
Vulnerabilities for packages: fontforge...
TencentOS Server 3: fontforge (TSSA-2024:0319)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0319 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2021-25081
The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in most of its AJAX actions, which could allow attackers to make logged in admins delete arbitrary posts and update the plugin's settings via a CSRF attack...
CVE-2018-25081
Bitwarden through 2023.2.1 offers password auto-fill within a cross-domain IFRAME element. NOTE: the vendor's position is that there have been important legitimate cross-domain configurations (e.g., an apple.com IFRAME element on the icloud.com website) and that "Auto-fill on page load" is not...
RLSA-2024:4267 Moderate: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fixes: fontforge: command injection via crafted filenames (CVE-2024-25081)...
RockyLinux 8 : fontforge (RLSA-2024:4267)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4267 advisory. fontforge: command injection via crafted filenames (CVE-2024-25081); fontforge: command injection via crafted archives or compressed files (CVE-2024-25082)...
RLSA-2024:9439 Moderate: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fixes: fontforge: command injection via crafted archives or compressed files...
fontforge security update
An update is available for fontforge. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. FontForge is a font editor for outline and bitmap fonts. It supports a rang...
openSUSE Security Advisory (SUSE-SU-2024:0864-1)
The remote host is missing an update for the...
CVE-2025-25081
Missing Authorization vulnerability in DeannaS Embed RSS embed-rss allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Embed RSS: from n/a through <= 3.1...
CVE-2025-25081
creationtimestamp| type| source
---|---|---
2025-02-07 10:16:02+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhlemo5ltf2u
2025-02-07 10:45:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113962198143273239...
CVE-2025-25081 WordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerability
Missing Authorization vulnerability in DeannaS Embed RSS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Embed RSS: from n/a through 3.1...
CVE-2025-25081 WordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerability
Missing Authorization vulnerability in DeannaS Embed RSS embed-rss allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Embed RSS: from n/a through <= 3.1...
Oracle Linux 9 : fontforge (ELSA-2024-9439)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9439 advisory. 20201107-6 - Resolves: RHEL-26716 - CVE-2024-25081 and CVE-2024-25082 fontforge: various flaws. Tenable has extracted the preceding description block...
fontforge security update
20201107-6 - Resolves: RHEL-26716 - CVE-2024-25081 and CVE-2024-25082 fontforge: various flaws...
Moderate: Red Hat Security Advisory: fontforge security update
An update for fontforge is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...