CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

8.8CVSS9AI score0.00562EPSS

DEBIAN-CVE-2016-2797

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart...

8.8CVSS8.7AI score0.00562EPSS

DEBIAN-CVE-2016-2793

CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...

8.8CVSS9AI score0.00565EPSS

DEBIAN-CVE-2016-2792

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...

8.8CVSS8.8AI score0.00565EPSS

DEBIAN-CVE-2016-2791

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...

RedHat Linux•added 2016/03/09 5:11 a.m.•4 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...

8.8CVSS7.5AI score0.00565EPSS

Exploits0References5

RedHat Linux•added 2016/03/09 5:11 a.m.•4 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...

8.8CVSS7.5AI score0.00565EPSS

Exploits0References5

RedHat Linux•added 2016/03/09 5:11 a.m.•1 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...

9.3CVSS7.5AI score0.00875EPSS

Exploits0References5

OSV•added 2016/03/08 12:0 a.m.•1 views

UBUNTU-CVE-2016-2797

8.8CVSS7.4AI score0.00562EPSS

UBUNTU-CVE-2016-2792

UBUNTU-CVE-2016-2798

The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...

8.8CVSS7.4AI score0.00562EPSS

UBUNTU-CVE-2016-2793

UBUNTU-CVE-2016-2801

OSV•added 2016/03/08 12:0 a.m.•1 views

UBUNTU-CVE-2016-2802

OSV•added 2016/03/08 12:0 a.m.•1 views

UBUNTU-CVE-2016-2800

Exploit DB•added 2016/02/24 12:0 a.m.•46 views

libxml2 - xmlDictAddString Heap Buffer Overread

Source: https://code.google.com/p/google-security-research/issues/detail?id=637 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a malformed file to xmllint "$ ./xmllint --html...

7AI score

exploitpack•added 2016/02/24 12:0 a.m.•20 views

libxml2 - xmlParseEndTag2 Heap Buffer Overread

libxml2 - xmlParseEndTag2 Heap Buffer Overread Source: https://code.google.com/p/google-security-research/issues/detail?id=638 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a...

0.4AI score

0day.today•added 2016/02/24 12:0 a.m.•83 views

libxml2 - xmlDictAddString Heap Based Buffer Overread

Exploit for linux platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=637 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a...

6.8CVSS7.5AI score0.04546EPSS

Exploits2

exploitpack•added 2016/02/24 12:0 a.m.•18 views

libxml2 - xmlDictAddString Heap Buffer Overread

libxml2 - xmlDictAddString Heap Buffer Overread Source: https://code.google.com/p/google-security-research/issues/detail?id=637 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a...

0.4AI score

Exploit DB•added 2016/02/24 12:0 a.m.•43 views

libxml2 - htmlCurrentChar Heap Buffer Overread

Source: https://code.google.com/p/google-security-research/issues/detail?id=636 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a malformed file to xmllint "$ ./xmllint --html...

7.4AI score

Exploit DB•added 2016/02/24 12:0 a.m.•48 views

libxml2 - xmlParserPrintFileContextInternal Heap Buffer Overread

Source: https://code.google.com/p/google-security-research/issues/detail?id=639 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a malformed file to xmllint "$ ./xmllint /path/to/file...

7.4AI score