135 matches found
CVE-2026-8558
The CVE-2026-8558 issue affects Google Chrome prior to 148.0.7778.168, in the Fonts component. An out-of-bounds write mishandles memory during font rendering, enabling a remote attacker to run arbitrary code inside the browser sandbox via a crafted HTML page. Remediation: update to Chrome 148.0.7...
Google Chrome Buffer Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by out-of-bounds read operations in fonts. This vulnerability could allow remote attackers to execute out-of-bounds memory reads...
CVE-2026-33812
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted font file. Parsing this malicious file can lead to excessive memory allocation, which may result in a Denial of Service (DoS) for the affected system. Mitigation Mitigation fo...
DEBIAN-CVE-2026-4679
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the tt_var_load_item_variation_store function when processing HVAR, VVAR, or MVAR tables in OpenType variable fonts. An attacker can access sensitive information or cause a crash by enticing a user to open a specially...
CVE-2011-0175
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font...
TencentOS Server 2: webkitgtk4 (TSSA-2025:0554)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0554 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
EUVD-2013-3835
Malware in sbrugna...
EUVD-2015-1800
Malware in sbrugna...
EUVD-2011-0612
Malware in sbrugna...
EUVD-2011-1996
Malware in sbrugna...
EUVD-2021-11694
Malware in sbrugna...
EUVD-2024-52587
Malicious code in bioql PyPI...
EUVD-2022-29004
Malicious code in bioql PyPI...
EUVD-2024-45105
Malicious code in bioql PyPI...
Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2159 Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability June 11, 2025 CVE Number CVE-2025-43578 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2025.001.20435. A specially...
CVE-2019-1456
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419...
CVE-2025-32488 WordPress Aria Font <= 1.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in آریا وردپرس Aria Font allows Stored XSS. This issue affects Aria Font: from n/a through 1.4...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : freetype2 (SUSE-SU-2025:0998-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0998-1 advisory. - CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to...
CVE-2025-27830
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/writet1.c and psi/zfapi.c...