SUSE CVE-2026-7737

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

AlmaLinux 8 : fontforge (ALSA-2026:7677)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:7677 advisory. fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing CVE-2025-15279 fontforge: FontForge: Remote Code Execution...

fontforge security update

An update is available for fontforge. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FontForge is a font editor for outline and bitmap fonts. It supports a rang...

RLSA-2026:7677 Important: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...

RockyLinux 8 : fontforge (RLSA-2026:7677)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7677 advisory. fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing CVE-2025-15279 fontforge: FontForge: Remote Code Execution...

fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing

A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...

Important: Red Hat Security Advisory: fontforge security update

An update for fontforge is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2026:7677 Important: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...

RHEL 8 : fontforge (RHSA-2026:7677)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7677 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1,...

Important: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...

TencentOS Server 4: fontforge (TSSA-2026:0108)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0108 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

SUSE SLES16 Security Update : fontforge (SUSE-SU-2026:20435-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20435-1 advisory. Update to version 20251009. Security issues fixed: - CVE-2025-15279: remote code execution via heap-based buffer overflow in BMP...

fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing

A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...

RLSA-2026:2230 Important: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...

RockyLinux 10 : fontforge (RLSA-2026:2230)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2230 advisory. fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing CVE-2025-15279 fontforge: FontForge: Remote Code Executio...

AlmaLinux 10 : fontforge (ALSA-2026:2230)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:2230 advisory. fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing CVE-2025-15279 fontforge: FontForge: Remote Code Execution...

Important: Red Hat Security Advisory: fontforge security update

An update for fontforge is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing

A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...

fontforge security update

20230101-14 - Resolves: RHEL-138159 CVE-2025-15279 GUtils BMP File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138144 CVE-2025-15275 SFD File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138126 CVE-2025-15269 SFD File Parsing Use-After-Free...

RHEL 10 : fontforge (RHSA-2026:2230)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2230 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1,...