831 matches found
Important: Red Hat Security Advisory: fontforge security update
An update for fontforge is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing
A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...
Important: Red Hat Security Advisory: fontforge security update
An update for fontforge is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
fontforge: FontForge: Remote Code Execution via malicious SFD file parsing
A flaw was found in FontForge. This vulnerability allows a remote attacker to execute arbitrary code by tricking a user into opening a specially crafted SFD Spline Font Database file. The issue stems from improper validation of array indexes during SFD file parsing, which can lead to writing data...
RHEL 7 : fontforge (RHSA-2026:8937)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8937 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1,...
RHEL 10 : fontforge (RHSA-2026:8875)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:8875 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Typ...
AlmaLinux 8 : fontforge (ALSA-2026:7677)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:7677 advisory. fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing CVE-2025-15279 fontforge: FontForge: Remote Code Execution...
fontforge security update
An update is available for fontforge. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FontForge is a font editor for outline and bitmap fonts. It supports a rang...
RLSA-2026:7677 Important: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...
fontforge security update
20200314-7 - Resolves: RHEL-138168 CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability - Resolves: RHEL-138174 CVE-2025-15279 GUtils BMP File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138190 CVE-2025-15275 SFD File Parsing Heap-based Buffer Overflow - Resolves: RHEL-1381...
RockyLinux 8 : fontforge (RLSA-2026:7677)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7677 advisory. fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing CVE-2025-15279 fontforge: FontForge: Remote Code Execution...
Oracle Linux 8 : fontforge (ELSA-2026-7677)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-7677 advisory. - Resolves: RHEL-138168 CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability - Resolves: RHEL-138174 CVE-2025-15279 GUtils BMP File...
RHSA-2026:7677 Red Hat Security Advisory: fontforge security update
Bulletin has no description...
fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing
A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...
fontforge: FontForge: Arbitrary code execution via SFD file parsing buffer overflow
A flaw was found in FontForge. A remote attacker could exploit a heap-based buffer overflow vulnerability during SFD file parsing. This issue arises from insufficient validation of user-supplied data length before copying it to a buffer. Successful exploitation requires user interaction, such as...
fontforge: FontForge: Remote Code Execution via malicious SFD file parsing
A flaw was found in FontForge. This vulnerability allows a remote attacker to execute arbitrary code by tricking a user into opening a specially crafted SFD Spline Font Database file. The issue stems from improper validation of array indexes during SFD file parsing, which can lead to writing data...
fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing
A flaw was found in FontForge. This use-after-free vulnerability, occurring during the parsing of SFD Spline Font Database files, allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, such as opening a specially crafted malicious file or visiting a...
Important: Red Hat Security Advisory: fontforge security update
An update for fontforge is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...
ALSA-2026:7677 Important: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via heap-based buffer...