16 matches found
EUVD-2011-2335
Malware in sbrugna...
EUVD-2024-0267
Malicious code in bioql PyPI...
Fedora 39 : fonttools (2024-6d1d9f70d2)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6d1d9f70d2 advisory. Security fix for CVE-2023-45139. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
OESA-2024-1080 python-fonttools security update
FontTools is a library for manipulating fonts, written in Python. The project includes the TTX tool, that can convert TrueType and OpenType fonts to and from an XML text format, which is also called TTX. It supports TrueType, OpenType, AFM and to an extent Type 1 and some Mac-specific formats. Th...
CVE-2023-45139
fontTools is a library for manipulating fonts, written in Python. The subsetting module has an XML External Entity Injection (XXE) vulnerability which allows an attacker to resolve arbitrary entities when a candidate font (OT-SVG fonts), which contains an SVG table, is parsed. This allows attackers to...
UBUNTU-CVE-2023-45139
fontTools is a library for manipulating fonts, written in Python. The subsetting module has an XML External Entity Injection (XXE) vulnerability which allows an attacker to resolve arbitrary entities when a candidate font (OT-SVG fonts), which contains an SVG table, is parsed. This allows attackers to...
CVE-2023-45139 fonttools XML External Entity Injection (XXE) Vulnerability
fontTools is a library for manipulating fonts, written in Python. The subsetting module has an XML External Entity Injection (XXE) vulnerability which allows an attacker to resolve arbitrary entities when a candidate font (OT-SVG fonts), which contains an SVG table, is parsed. This allows attackers to...
CVE-2023-45139
fontTools is a library for manipulating fonts, written in Python. The subsetting module has an XML External Entity Injection (XXE) vulnerability which allows an attacker to resolve arbitrary entities when a candidate font (OT-SVG fonts), which contains an SVG table, is parsed. This allows attackers to...
CVE-2011-2346
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts...
CVE-2011-2346
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts...
Design/Logic Flaw
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts...
CVE-2011-2346
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts...
CVE-2011-2346
CVE-2011-2346 is a use-after-free in Google Chrome’s SVG fonts handling present in Chrome prior to 12.0.742.112. The underlying issue is a memory management error in the SVG font processing path, which could allow a remote attacker to trigger a denial of service or potentially cause other unspeci...
CVE-2011-2346
Removed by vendor...
Debian DSA-2189-1 : chromium-browser - several vulnerabilities
Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1108: Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of...
[SECURITY] [DSA 2189-1] chromium-browser security update
Debian Security Advisory DSA-2189-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 10, 2011 http://www.debian.org/security/faq -...