18 matches found
OPENSUSE-SU-2026:20608-1 Security update for fontforge
This update for fontforge fixes the following issues: - CVE-2025-15270: lack of proper validation of user-supplied data when parsing SFD files can lead to OOB writes and arbitrary code execution bsc1256031...
CVE-2025-15280
FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
CVE-2025-15272
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15275 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15274
FontForge (SFD file parsing) has a heap-based buffer overflow vulnerability that allows remote code execution. The flaw stems from improper validation of the length of user-supplied data before copying it into a heap buffer, enabling an attacker to run code in the caller’s context. Exploitation r...
EUVD-2025-205895
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
FontForge 安全漏洞
FontForge is an open source font editing tool from fontforge open source that supports multiple languages. A security vulnerability exists in FontForge that stems from improper validation of data length when parsing SFD files, which could lead to a heap buffer overflow and remote code execution...
FontForge 安全漏洞
FontForge is an open source font editing tool from fontforge open source that supports multiple languages. A security vulnerability exists in FontForge that stems from improper validation of data length when parsing SFD files, which could lead to a heap buffer overflow and remote code execution...
FontForge 资源管理错误漏洞
FontForge is an open source font editing tool from fontforge that supports multiple languages. A resource management error vulnerability exists in FontForge that stems from not verifying the existence of an object when parsing an SFD file, which could lead to post-release reuse and remote code...
(0Day) FontForge SFD File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SFD files...
AlmaLinux 8 : fontforge (ALSA-2020:4844)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4844 advisory. - An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
Heap overflow
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-5395
An out-of-bounds write was discovered in fontforge while parsing SFD files containing very large LayerCount tokens. The flaw allows an attacker to overwrite data before a buffer allocated on the heap, thus causing the application to crash or execute arbitrary code...