Lucene search
K

300 matches found

CVE
CVE
added 2024/10/08 8:40 a.m.50 views

CVE-2024-41981

CVE-2024-41981 affects Simcenter Femap V2306, V2401, and V2406, where a heap-based buffer overflow occurs while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. Connected sources identify the vulnerability in Simcenter Femap,...

7.8CVSS7.9AI score0.00221EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/08 8:40 a.m.16 views

CVE-2024-41981

A vulnerability has been identified in Simcenter Femap V2306 All versions, Simcenter Femap V2401 All versions, Simcenter Femap V2406 All versions. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted BDF files. This could allow an attacker to execut...

7.8CVSS7.9AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.3 views

PT-2024-7985 · Siemens · Simcenter Femap +1

Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions V2306 through V2406 Simcenter Nastran versions 2306 through 2312 Description: The issue is related to a memory corruption vulnerability while parsing specially crafted BDF files, which could allow an attacker to execu...

7.8CVSS7.8AI score0.00242EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.30 views

RHEL 4 : freetype (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freetype: multiple integer overflows MacReadPOSTResource leading to heap-based buffer overflows...

7.5CVSS10AI score0.0571EPSS
Exploits10References10
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : fontforge (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fontforge: Command injetion in help function uiutil.c CVE-2017-17521 - Stack-based buffer overflow in...

8.8CVSS8.3AI score0.10853EPSS
Exploits1References12
F5 Networks
F5 Networks
added 2023/02/21 5:34 p.m.37 views

K15095307: BDF parsing vulnerability CVE-2012-5669

Security Advisory Description The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...

4.3CVSS7.3AI score0.03857EPSS
Exploits0Affected Software16
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in 1 X.Org libXfont before 20070403 and 2 freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow...

8.5CVSS8.1AI score0.05586EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.5 views

SUSE CVE-2008-0006

Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...

7.5CVSS8.1AI score0.05108EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3053

bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash via a crafted BDF font file, related to an attempted modification of a value in a static string...

4.3CVSS6.7AI score0.01798EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.2 views

SUSE CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...

6.8CVSS8.9AI score0.10853EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.3 views

SUSE CVE-2012-1126

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via crafted property data in a BDF font...

10CVSS7.8AI score0.05637EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.3 views

SUSE CVE-2012-1127

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font...

9.3CVSS7.8AI score0.03813EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.6 views

SUSE CVE-2012-1133

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font...

9.3CVSS7.9AI score0.04802EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.3 views

SUSE CVE-2012-1137

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via a crafted header in a BDF font...

9.3CVSS7.8AI score0.03813EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.4 views

SUSE CVE-2012-1136

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODI...

9.3CVSS7.9AI score0.03813EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.5 views

SUSE CVE-2012-1139

Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...

9.3CVSS7.8AI score0.03813EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.4 views

SUSE CVE-2012-5669

The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...

4.3CVSS7.8AI score0.03857EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.2 views

SUSE CVE-2012-5668

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...

4.3CVSS6.7AI score0.02339EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.9 views

SUSE CVE-2012-5670

The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service out-of-bounds write and crash via vectors related to BDF fonts and an ENCODING field with a negative value...

4.3CVSS6.8AI score0.02688EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.5 views

SUSE CVE-2013-6462

Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long string in a character name in a BDF font file...

9.3CVSS8.3AI score0.10254EPSS
Exploits1References9
Rows per page
Query Builder