2481 matches found
EUVD-2025-205887
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15278
CVE-2025-15278 concerns FontForge GUtils XBM file parsing. The flaw is an integer overflow during parsing of pixels in XBM files, caused by inadequate validation of user-supplied data, which leads to an out-of-bounds buffer allocation and allows remote code execution in the affected process. The ...
CVE-2025-15278 FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability
FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992873)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992873 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths. Avoid mounting filesystems where the partition would...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992805)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992805 advisory. In the Linux kernel, the following vulnerability has been resolved: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE. copy_fd_bitmaps(new, old, count) is expect...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993125)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993125 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in md_bitmap_get_counter. If we write a large number to...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993174)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993174 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter(). Check the return value of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992817)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992817 advisory. In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak. 'erased_blocks_bitmap' is never freed. As it is allocated at th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992827)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992827 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in md_bitmap_get_counter. If we write a large number to...
FontForge Security Vulnerability
FontForge is an open source font editing tool from fontforge that supports multiple languages. A security vulnerability exists in FontForge that stems from improper validation of data length when parsing BMP file pixels, which could lead to a heap buffer overflow and remote code execution...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992447)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992447 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page(). As Dipanjan Das reported, syzkaller found a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992674)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992674 advisory. In the Linux kernel, the following vulnerability has been resolved: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE. copy_fd_bitmaps(new, old, count) is expect...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992323)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992323 advisory. In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak. 'erased_blocks_bitmap' is never freed. As it is allocated at th...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992376)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992376 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter(). Check the return value of...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992417)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992417 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page(). As Dipanjan Das reported, syzkaller found a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992173)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992173 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in md_bitmap_get_counter. If we write a large number to...
(0Day) FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of pixels...
PT-2025-53825
Name of the Vulnerable Software and Affected Versions: FontForge (affected versions not specified). Description: A flaw exists in FontForge within the parsing of pixels within XBM files. The issue stems from insufficient validation of user-supplied data, leading to an integer overflow during buffer...
(0Day) FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of pixels...