catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallel, NVIDIA and High-Logic FontCreator 15. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adheren...

CVE-2025-20001

An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability...

CVE-2025-20001

An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability...

CVE-2025-20001

An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability...

CVE-2025-20001

An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability...

CVE-2025-20001

High-Logic FontCreator 15.0.0.3015 is affected by CVE-2025-20001 (TALOS-2025-2157): an out-of-bounds read in the GSUB subtable processing of OpenType fonts, leading to potential disclosure of sensitive information when a user opens a specially crafted font file. Exploitation requires user interac...

PT-2025-23529 · High Logic · Fontcreator

Name of the Vulnerable Software and Affected Versions: High-Logic FontCreator version 15.0.0.3015 Description: An out-of-bounds read issue exists, allowing disclosure of sensitive information. This can be triggered by a specially crafted font file, requiring an attacker to trick a user into openi...

High-Logic FontCreator 缓冲区错误漏洞

High-Logic FontCreator is a font editor from High-Logic. A security vulnerability exists in High-Logic FontCreator version 15.0.0.3015, which originates from an out-of-bounds read when processing specially crafted font files...

High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2157 High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability June 2, 2025 CVE Number CVE-2025-20001 SUMMARY An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this...