Lucene search
K

14 matches found

RedHat Linux
RedHat Linux
added 4 days ago3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 4 days ago3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 6:6 p.m.10 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS5.6AI score0.00157EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/06 2:45 a.m.10 views

SUSE CVE-2026-50256

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS5.8AI score0.00157EPSS
Exploits0References10
NVD
NVD
added 2026/06/05 12:16 p.m.15 views

CVE-2026-50256

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS0.00157EPSS
Exploits0References24
RedhatCVE
RedhatCVE
added 2026/06/05 10:31 a.m.8 views

CVE-2026-50256

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS5.8AI score0.00157EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/05 10:31 a.m.9 views

CVE-2026-50256 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS5.8AI score0.00157EPSS
Exploits0References23
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

X.Org XWayland 缓冲区错误漏洞

The X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both the X.Org X Server and Xwayland have security...

7.8CVSS6.1AI score0.00157EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-14310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an issue on grub2 before version 2.06 at function readsectionasstring. It expects a font name to be at max UINT32MAX - 1 length in bytes but it doesn't...

6CVSS7.2AI score0.00478EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.5 views

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX leading to read_section_as_string() to an arithmetic overflow zero-sized allocation and further heap-based buffer overflow.

...

6CVSS7AI score0.00478EPSS
Exploits0
OSV
OSV
added 2020/07/31 10:15 p.m.1 views

DEBIAN-CVE-2020-14310

There is an issue on grub2 before version 2.06 at function readsectionasstring. It expects a font name to be at max UINT32MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a...

6CVSS7.1AI score0.00478EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/07/29 12:0 a.m.8 views

PT-2020-3622 · Gnu +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: The issue is related to the read section as string function, which expects a font name to be at most UINT32 MAX - 1 length in bytes but does not verify it before proceeding with buffer allocation. Thi...

8.2CVSS7.5AI score0.01738EPSS
Exploits2References152
CNVD
CNVD
added 2018/11/26 12:0 a.m.6 views

Gnuplot Buffer Overflow Vulnerability (CNVD-2019-00241)

Gnuplot is an open source plotting software. A buffer overflow vulnerability exists in the post.trm file in Gnuplot version 5.2.5, where the program fails to detect the size of arguments sent to the 'set font' function. The vulnerability can be exploited to hijack control flow with font names of...

7.8CVSS7.8AI score0.01553EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2010/01/18 12:0 a.m.4 views

PT-2010-2142 · Viscom · Viscom Software Movie Player Pro Sdk Activex

Name of the Vulnerable Software and Affected Versions: Viscom Software Movie Player Pro SDK ActiveX version 6.8.0.0 Description: The issue is related to a stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control. This occurs when a long strFontName parameter is passed to t...

9.3CVSS7.6AI score0.30383EPSS
Exploits9References8
Rows per page
Query Builder