Lucene search
K

739 matches found

OSV
OSV
added 2023/04/10 5:15 p.m.2 views

CVE-2023-27650

An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONTFILE parameter...

9.8CVSS6.2AI score0.02135EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/04/10 12:0 a.m.3 views

APUS Launcher 安全漏洞

APUS Launcher is an application from Kirin Hesheng Technology APUS, a company based in Beijing, China. Automatically sorts your apps by category on the home screen to quickly and easily find the apps you want. A security vulnerability exists in APUS Launcher versions v.3.10.73 and v.3.10.88, whic...

9.8CVSS8.9AI score0.02135EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.3 views

PT-2023-21284 · Apus · Apus Group Launcher

Name of the Vulnerable Software and Affected Versions: APUS Group Launcher versions 3.10.73 through 3.10.88 Description: An issue in the APUS Group Launcher allows a remote attacker to execute arbitrary code via the FONT FILE parameter. Recommendations: For versions 3.10.73 and 3.10.88, consider...

9.8CVSS8.1AI score0.02135EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-1861

Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via attack vectors related to 1 bdf/bdflib.c, 2 sfnt/ttcmap.c, 3 cff/cffgload.c, and 4 the readlwfn function and a crafted LWFN file in base/ftmac.c. NOT...

7.5CVSS7.8AI score0.04853EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.5 views

SUSE CVE-2007-1352

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow...

3.8CVSS9.6AI score0.01524EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.6 views

SUSE CVE-2010-0827

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted virtual font VF file associated with a DVI file...

6.8CVSS8.1AI score0.04439EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.3 views

SUSE CVE-2010-2498

The pshglyphfindstrongpoints function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via a crafted font file that...

6.8CVSS8.1AI score0.05638EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.4 views

SUSE CVE-2010-2519

Heap-based buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file...

6.8CVSS8.3AI score0.06287EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.2 views

SUSE CVE-2010-2527

Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font file...

6.8CVSS8.1AI score0.05644EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.3 views

SUSE CVE-2010-2808

Buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File aka LWFN font...

6.8CVSS8.2AI score0.04515EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.5 views

SUSE CVE-2013-6462

Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long string in a character name in a BDF font file...

9.3CVSS8.3AI score0.10254EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-3905

Buffer overflow in the setcsstart function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

7.5CVSS7.7AI score0.06905EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.2 views

SUSE CVE-2017-11576

FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...

6.3CVSS8.5AI score0.00707EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/11/16 10:51 a.m.5 views

grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...

8.6CVSS5.7AI score0.00514EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2022/11/14 6:53 a.m.37 views

CVE-2022-31630

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or...

7.1CVSS8.2AI score0.02197EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2022/10/31 12:0 a.m.302 views

CVE-2022-31630

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or...

7.1CVSS7AI score0.02197EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2022/10/29 12:0 a.m.576 views

PHP 8.1.x < 8.1.12 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.1.12. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.1.12 advisory. - The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allow...

9.8CVSS8.2AI score0.05193EPSS
Exploits4References5
wpexploit
wpexploit
added 2022/10/05 12:0 a.m.149 views

Create Block Theme < 1.2.2 - Unauthenticated Arbitrary File Upload

The plugin does not have authorisation and CSRF checks, as well as does not validate the file to be uploaded, which could allow unauthenticated attackers to upload arbitrary files to the server As unauthenticated user, open The file will be uploaded at...

0.6AI score
Exploits0References1
CNNVD
CNNVD
added 2022/10/04 12:0 a.m.6 views

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data. If a user...

7.8CVSS8.1AI score0.00237EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/10/04 12:0 a.m.13 views

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data, and allows...

7.8CVSS8.1AI score0.00231EPSS
Exploits0References4
Rows per page
Query Builder