Lucene search
K

209 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-3367

Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

5CVSS6.7AI score0.0091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.5 views

SUSE CVE-2012-0472

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict...

9.3CVSS9.3AI score0.04116EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.3 views

SUSE CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS7.4AI score0.00946EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/02/14 9:10 a.m.8 views

grub2: Heap based out-of-bounds write when redering certain unicode sequences

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

7.1CVSS7.3AI score0.00872EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/01/09 2:51 p.m.5 views

grub2: Heap based out-of-bounds write when redering certain unicode sequences

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

7.1CVSS7.3AI score0.00872EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/01/09 2:47 p.m.6 views

grub2: Heap based out-of-bounds write when redering certain unicode sequences

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

7.1CVSS7.3AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2022/12/19 8:15 p.m.3 views

DEBIAN-CVE-2022-3775

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...

7.1CVSS8.4AI score0.00872EPSS
Exploits0References1
OSV
OSV
added 2022/12/19 8:15 p.m.5 views

AZL-12079 CVE-2022-3775 affecting package grub2 for versions less than 2.06-10

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...

7.1CVSS7.8AI score0.00872EPSS
Exploits0References1
OSV
OSV
added 2022/12/19 8:15 p.m.11 views

AZL-34792 CVE-2022-3775 affecting package grub2 for versions less than 2.06-14

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...

7.1CVSS7.8AI score0.00872EPSS
Exploits0References1
OSV
OSV
added 2022/12/19 8:15 p.m.1 views

UBUNTU-CVE-2022-3775

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...

7.1CVSS7.7AI score0.00872EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/12/13 4:11 p.m.4 views

grub2: Heap based out-of-bounds write when redering certain unicode sequences

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

7.1CVSS7.3AI score0.00872EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/12/06 8:58 a.m.5 views

grub2: Heap based out-of-bounds write when redering certain unicode sequences

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

7.1CVSS7.3AI score0.00872EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2022/10/05 8:55 p.m.40 views

USN-5657-1: Graphite2 vulnerability

It was discovered that Graphite2 mishandled specially crafted files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.9AI score0.02324EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/05/21 12:0 a.m.21 views

Fedora: Security Advisory for freetype (FEDORA-2022-80e1724780)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.9AI score0.0339EPSS
Exploits2References2
Fedora
Fedora
added 2022/05/20 1:56 a.m.53 views

[SECURITY] Fedora 34 Update: freetype-2.10.4-6.fc34

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

9.8CVSS8.9AI score0.0339EPSS
Exploits2
Fedora
Fedora
added 2022/05/20 1:29 a.m.39 views

[SECURITY] Fedora 35 Update: freetype-2.11.0-6.fc35

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

9.8CVSS8.9AI score0.0339EPSS
Exploits2
Fedora
Fedora
added 2022/05/07 5:16 a.m.48 views

[SECURITY] Fedora 36 Update: freetype-2.12.1-1.fc36

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

9.8CVSS1.5AI score0.0339EPSS
Exploits2
OSV
OSV
added 2022/05/04 3:15 a.m.4 views

UBUNTU-CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS5.9AI score0.00946EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/04/22 12:0 a.m.4 views

FreeType 缓冲区错误漏洞

FreeType is an open source font rendering library written in the C language. A security vulnerability exists in FreeType, which stems from the commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was found to contain a heap buffer overflow via the function sfntinitface...

9.8CVSS7.5AI score0.02789EPSS
Exploits1References18
ALT Linux
ALT Linux
added 2022/04/07 12:0 a.m.75 views

Security fix for the ALT Linux 10 package java-1.8.0-openjdk version 0:1.8.0.322.b06-alt2_1jpp8

0:1.8.0.322.b06-alt21jpp8 built April 7, 2022 Andrey Cherepanov in task 295626 --- Feb. 18, 2022 Andrey Cherepanov - New version. - Security fixes: + JDK-8264934, CVE-2022-21248: Enhance cross VM serialization + JDK-8268488: More valuable DerValues + JDK-8268494: Better inlining of inlined...

5CVSS1.1AI score0.08346EPSS
Exploits0
Rows per page
Query Builder