265 matches found
CVE-2020-27946
CVE-2020-27946 is an information-disclosure vulnerability tied to FontParser in Apple platforms. The issue arises when processing a maliciously crafted font, potentially allowing disclosure of process memory. Apple’s advisories indicate this affects watchOS 7.2 and various macOS/iOS/iPadOS/tvOS u...
Apple macOS Buffer Error Vulnerability
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS that stems from a boundary condition when processing font files within the FontParser component in macOS. A remote attacker can create specially crafted files or...
CVE-2020-27930
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7...
CVE-2020-27927
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted font file may lead to arbitrary code execution...
PT-2020-16862 · Apple · iPadOS +4
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 14.0; Apple iPadOS versions prior to 14.0; Apple macOS versions prior to 11.1; Apple macOS versions prior to Security Update 2020-001 Catalina; Apple macOS versions prior to Security Update 2020-007 Mojave; Apple watchO...
PT-2020-16855 · Apple · macOS Catalina +7
Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.1; macOS Big Sur version 11.0.1; Security Update 2020-001 Catalina; Security Update 2020-007 Mojave; iOS versions prior to 14.2; iPadOS versions prior to 14.2; watchOS versions prior to 7.1; tvOS versions prior to...
PT-2020-17668 · Apple · Apple macOS
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1. Description: An out-of-bounds read issue was addressed with improved bounds checking. Processing a maliciously crafted font may lead to arbitrary code execution. Recommendations: For versions prior to 11.0.1,...
CVE-2019-8582
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may...
PT-2020-20916 · Apple · macOS Catalina +4
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6; iPadOS versions prior to 13.6; macOS Catalina versions prior to 10.15.6; tvOS versions prior to 13.4.8; watchOS versions prior to 6.2.8. Description: An out-of-bounds write issue was addressed with improved bounds...
Vulnerability in the Adobe Type Manager library in the Windows operating system, allowing an attacker to execute arbitrary code
The vulnerability in the Adobe Type Manager library in the Windows operating system stems from operations performed outside the bounds of a memory buffer. Exploiting this vulnerability allows a malicious actor to execute arbitrary code due to a font processing error in Adobe PostScript Type 1...
Remote Code Execution (RCE)
FreeType is vulnerable to remote code execution (RCE). Multiple input validation flaws were found in the way FreeType processed CID-keyed fonts. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute...
CVE-2019-8517
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory...
Design/Logic Flaw
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory...
(0Day) Microsoft Windows Kernel Type 1 Font Processing Stack Exhaustion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to cause a denial-of-service condition on machines running affected versions of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a malicious font. The specific flaw exists within the handling of...
CVE-2018-4908
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of...
CVE-2018-4894
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of...