Lucene search
K

301 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.5 views

SUSE CVE-2013-6462

Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long string in a character name in a BDF font file...

9.3CVSS8.3AI score0.10254EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9660

The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...

7.5CVSS7.4AI score0.05059EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

5CVSS6.9AI score0.04159EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.2 views

SUSE CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...

8.5CVSS7.6AI score0.04864EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2022/03/16 12:0 a.m.48 views

Siemens Simcenter Femap BDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.7AI score0.01362EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/22 6:15 p.m.8 views

CVE-2021-46699

A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...

7.8CVSS7.6AI score0.01362EPSS
Exploits0References3
OSV
OSV
added 2022/02/22 6:15 p.m.3 views

CVE-2021-46699

A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...

7.8CVSS6.2AI score0.01362EPSS
Exploits0References2
NVD
NVD
added 2022/02/22 6:15 p.m.38 views

CVE-2021-46699

A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...

7.8CVSS0.01362EPSS
Exploits0References2
Prion
Prion
added 2022/02/22 6:15 p.m.27 views

Stack overflow

A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...

6.8CVSS7.8AI score0.01362EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/17 1:15 p.m.5 views

CVE-2022-23318

A heap-buffer-overflow in pcf2bdf, versions = 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact...

7.1CVSS7AI score0.0079EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2015-0113)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS4.1AI score0.04923EPSS
Exploits0References4
Veracode
Veracode
added 2020/04/10 1:9 a.m.31 views

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...

9.3CVSS1.9AI score0.03813EPSS
Exploits0References28Affected Software1
Veracode
Veracode
added 2020/04/10 1:9 a.m.25 views

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...

9.3CVSS1.9AI score0.04635EPSS
Exploits0References28Affected Software1
Veracode
Veracode
added 2020/04/10 1:9 a.m.27 views

Arbitrary Code Execution

freetype is vulenrable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...

9.3CVSS1.9AI score0.03813EPSS
Exploits0References28Affected Software1
Veracode
Veracode
added 2020/04/10 12:15 a.m.24 views

Denial Of Service (DoS)

FreeType is vulnerable to denial of service DoS. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. If a user loaded a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary cod...

8.5CVSS3.2AI score0.05586EPSS
Exploits0References70Affected Software1
Veracode
Veracode
added 2019/05/02 5:18 a.m.36 views

Arbitrary Code Execution

libxfont is vulnerable to arbitrary code execution. An integer truncation flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the...

8.5CVSS6.8AI score0.04923EPSS
Exploits0References19Affected Software1
Veracode
Veracode
added 2019/05/02 5:18 a.m.30 views

Null Pointer Dereference

The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to cras...

8.5CVSS5.3AI score0.04923EPSS
Exploits0References18Affected Software1
Veracode
Veracode
added 2019/01/15 9:7 a.m.30 views

Denial Of Service (DoS)

libxfont is vulnerable to denial of service DoS attacks. The vulnerability exists as the bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly...

8.5CVSS6.8AI score0.04864EPSS
Exploits0References18Affected Software1
Veracode
Veracode
added 2019/01/15 8:55 a.m.27 views

Denial Of Service (Dos)

freetype is vulnerable to denial of service. This is due to an out-of-bounds read when the rendering engine processes certain Glyph Bitmap Distribution Format BDF fonts. An attacker is able to crash a user's application, or potentially execute arbitrary code, via a malicious font file that is...

4.3CVSS6.2AI score0.03857EPSS
Exploits0References15Affected Software1
Veracode
Veracode
added 2019/01/15 8:55 a.m.18 views

Denial Of Service (Dos)

libXfont is vulnerable to denial of service. A stack-based buffer overflow occurs when the libXfont library parsed Glyph Bitmap Distribution Format BDF fonts with a long string in a character name. This allows a local attacker to crash the service or potentially execute arbitrary code with the...

9.3CVSS7AI score0.10254EPSS
Exploits1References18Affected Software1
Rows per page
Query Builder