CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2016/03/13 6:59 p.m.•5 views

CVE-2016-2795

The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...

8.8CVSS9.3AI score

NVD•added 2016/03/13 6:59 p.m.•17 views

CVE-2016-2795

8.8CVSS9.4AI score0.00565EPSS

8.8CVSS8.5AI score0.00565EPSS

DEBIAN-CVE-2016-2795

OSV•added 2016/03/13 6:59 p.m.•6 views

CVE-2016-2794

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...

8.8CVSS8.8AI score0.00875EPSS

DEBIAN-CVE-2016-2794

8.8CVSS8.7AI score0.00562EPSS

DEBIAN-CVE-2016-2793

CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...

OSV•added 2016/03/13 6:59 p.m.•5 views

CVE-2016-2793

NVD•added 2016/03/13 6:59 p.m.•13 views

CVE-2016-2793

8.8CVSS9.5AI score0.00562EPSS

OSV•added 2016/03/13 6:59 p.m.•4 views

CVE-2016-2792

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...

8.8CVSS9AI score0.00565EPSS

DEBIAN-CVE-2016-2792

NVD•added 2016/03/13 6:59 p.m.•18 views

CVE-2016-2792

8.8CVSS9.6AI score0.00565EPSS

NVD•added 2016/03/13 6:59 p.m.•13 views

CVE-2016-2791

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...

8.8CVSS9.5AI score0.00565EPSS

8.8CVSS8.8AI score0.00565EPSS

DEBIAN-CVE-2016-2791

OSV•added 2016/03/13 6:59 p.m.•4 views

CVE-2016-2791

8.8CVSS8.8AI score0.00565EPSS

DEBIAN-CVE-2016-2790

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown othe...

OSV•added 2016/03/13 6:59 p.m.•4 views

CVE-2016-2790

8.8CVSS9.3AI score

NVD•added 2016/03/13 6:59 p.m.•15 views

CVE-2016-2790

8.8CVSS9.4AI score0.00565EPSS

NVD•added 2016/03/13 6:59 p.m.•17 views

CVE-2016-1977

The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...

8.8CVSS9.4AI score0.00701EPSS

8.8CVSS8.8AI score0.00701EPSS

DEBIAN-CVE-2016-1977