Lucene search
K

98 matches found

OSV
OSV
added 2026/03/19 6:10 p.m.2 views

GHSA-2MHW-8QCG-GR96 skia-python vendors vulnerable libfreetype because of pinned cibuildwheel version

Impact The Linux wheels for skia-python vendor a vulnerable version of libfreetype that is affected by CVE-2025-27363 1. The root cause is a chain of unfortunate events: 1. skia-python builds wheels using pinned pypa/[email protected] 2 2. cibuildwheel 2.21.3 in turn pins manylinux container...

8.1CVSS7AI score0.26049EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2026/03/19 6:10 p.m.3 views

django-cfg (>=1.7.65 <=2.2.69), dynrender-skia (>=0.2.6 <=0.2.8) +9 more potentially affected by CVE-2025-27363 via skia-python (>=121.0.0b6 <=138.0.0)

skia-python PYPI version =121.0.0b6, =1.7.65, =0.2.6, =1.0.0b7, =0.1.1, =0.1.0, =2.1.1, =0.6.2, =1.6.0, =0.1.0, =0.2.0 Source cves: CVE-2025-27363 Source advisory: OSV:GHSA-2MHW-8QCG-GR96...

8.1CVSS7.2AI score0.26049EPSS
Exploits1
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2026-1114)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.9AI score0.26049EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.4 views

EulerOS Virtualization 2.10.0 : freetype (EulerOS-SA-2026-1165)

According to the versions of the freetype package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting ...

8.1CVSS7.2AI score0.26049EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/23 12:4 p.m.7 views

Security Bulletin: A vulnerability in FreeType affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerability in FreeType 2.13.0 and earlier affect IBM® Db2® Big SQL 7.8 on IBM Cloud Pak for Data 5.1 and earlier. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable...

8.1CVSS6.2AI score0.26049EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/29 8:54 a.m.5 views

Security Bulletin: CVE-2025-46801 - Pgpool-II Authentication Bypass

Summary Pgpool-II contains an authentication bypass vulnerability that can be exploited under certain conditions. If an attacker exploits the vulnerability they may be able to log in to the system as an arbitrary user, which could allow them to read or tamper with data in the database, and/or...

9.8CVSS8.8AI score0.26049EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/05 5:15 a.m.6 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to FreeType Remote Code Execution Vulnerability (CVE-2025-27363)

Summary IBM Sterling Partner Engagement Manager uses FreeType has part of the package and is affected by CVE-2025-27363 for versions 2.13.0 and below. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of...

8.1CVSS7.5AI score0.26049EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.7 views

RockyLinux 9 : freetype (RLSA-2025:3407)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3407 advisory. freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 Tenable has extracted the...

8.1CVSS7.2AI score0.26049EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.6 views

RockyLinux 8 : freetype (RLSA-2025:3421)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3421 advisory. freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 Tenable has extracted the...

8.1CVSS7.2AI score0.26049EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2025/07/29 1:40 p.m.7 views

freetype security update

An update is available for freetype. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeType is a free, high-quality, portable font engine that can open and...

8.1CVSS7.5AI score0.26049EPSS
Exploits1
Rockylinux
Rockylinux
added 2025/07/29 1:38 p.m.10 views

freetype security update

An update is available for freetype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeType is a free, high-quality, portable font engine that can open and...

8.1CVSS7.5AI score0.26049EPSS
Exploits1
OSV
OSV
added 2025/07/29 1:38 p.m.7 views

RLSA-2025:3421 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

8.1CVSS7.9AI score0.26049EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/07/18 12:0 a.m.25 views

Oracle Database Server (July 2025 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.27 and 23.4-23.8...

9.8CVSS7.2AI score0.66933EPSS
Exploits12References21
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 5:40 a.m.5 views

Security Bulletin: Vulnerability in freetype library (CVE-2025-27363) affects Power HMC.

Summary The freetype library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when...

8.1CVSS7.4AI score0.26049EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.8 views

RHEL 8 : spice-client-win (RHSA-2025:9380)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9380 advisory. Spice client MSI installers for Windows clients Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to...

8.1CVSS7.3AI score0.26049EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2025/06/20 12:0 a.m.72 views

Moderate: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools:A malicious actor with non-administrative...

6.1CVSS8.6AI score0.00247EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/13 10:16 a.m.11 views

Security Bulletin: An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files affect watsonx.data

Summary An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files.These could affect watsonx.data. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in...

8.1CVSS8.6AI score0.26049EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2025/06/12 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2025-1653)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.5AI score0.26049EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/06/12 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2025-1654)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.5AI score0.26049EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/11 12:0 a.m.4 views

EulerOS 2.0 SP12 : freetype (EulerOS-SA-2025-1584)

According to the versions of the freetype package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font...

8.1CVSS7.2AI score0.26049EPSS
Exploits1References2
Rows per page
Query Builder