Lucene search
K

147 matches found

OSV
OSV
added 2023/12/09 12:5 a.m.10 views

OSV-2023-1272 Heap-buffer-overflow in OT::cff2::accelerator_templ_t<CFF::cff2_private_dict_opset_t, CFF::cff2_private_

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64859 Crash type: Heap-buffer-overflow READ 2 Crash state: OT::cff2::acceleratortempltCFF::cff2privatedictopsett, CFF::cff2private hbotdrawglyph hbfontdrawglyph...

7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/24 12:0 a.m.18 views

(Pwn2Own) HP Color LaserJet Pro M479fdw CFF Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CFF fonts. The issue results from the...

8.8CVSS7.3AI score0.00372EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/12 12:0 a.m.6 views

PT-2023-35761 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as pdfi read cff font, pdfi load font buffer, and pdfi load...

6.8AI score
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:9 p.m.30 views

K16380: FreeType vulnerabilities CVE-2014-9656 and CVE-2014-9659

Security Advisory Description CVE-2014-9656 The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a...

7.5CVSS8.1AI score0.07687EPSS
Exploits2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3311

Integer overflow in base/ftstream.c in libXft aka the X FreeType library in FreeType before 2.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Compact Font Format CFF font file that triggers a heap-based buffer overflow,...

9.3CVSS8.4AI score0.06735EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-10328

FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cffparserrun function in cff/cffparse.c...

9.8CVSS9.2AI score0.03699EPSS
Exploits0References5
OSV
OSV
added 2022/06/04 12:1 a.m.6 views

OSV-2022-457 Heap-buffer-overflow in CFF::Charset::collect_glyph_to_sid_map

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47790 Crash type: Heap-buffer-overflow READ 2 Crash state: CFF::Charset::collectglyphtosidmap cffsubsetplan::plansubsetcharset cffsubsetplan::create...

7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/03/23 12:0 a.m.46 views

(Pwn2Own) HP LaserJet Pro MFP M283fdw CFF Font Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PostScript interpreter. Crafted data in a CFF font can...

4.3CVSS2.6AI score0.07022EPSS
Exploits0References1
CVE
CVE
added 2022/01/17 1:0 p.m.75 views

CVE-2021-25065

CVE-2021-25065 affects the Smash Balloon Social Post Feed WordPress plugin prior to version 4.1.1. The vulnerability is an authenticated reflected XSS in the custom-facebook-feed feature on the cff-top admin page. Connected sources specify the issue as a reflected XSS with impact potentially enab...

5.4CVSS5.2AI score0.01217EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2021/01/13 12:1 a.m.12 views

OSV-2018-143 Global-buffer-overflow in CFF::BlendArg::set_blends

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11714 Crash type: Global-buffer-overflow READ 8 Crash state: CFF::BlendArg::setblends CFF::CFF2CSOpSetCFF2CSOpSetSubrSubset, CFF::SubrSubsetParam, CFF::PathProcsNul CFF2CSOpSetSubrSubset::processop...

7.2AI score
Exploits0References1
OSV
OSV
added 2021/01/13 12:0 a.m.17 views

OSV-2018-115 Global-buffer-overflow in CFF::BlendArg::set_blends

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11691 Crash type: Global-buffer-overflow READ 8 Crash state: CFF::BlendArg::setblends CFF::CFF2CSOpSet::proc CFF::CSInterpreter::int...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/08/01 12:0 a.m.11 views

OSV-2020-1559 UNKNOWN WRITE in hb_vector_t<CFF::parsed_cs_op_t>::resize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24532 Crash type: UNKNOWN WRITE Crash state: hbvectort::resize hbvectort::push CFF::parsedvaluest::addop...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/31 12:1 a.m.11 views

OSV-2020-1555 Global-buffer-overflow in OT::VarData::get_scalars

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24504 Crash type: Global-buffer-overflow WRITE 4 Crash state: OT::VarData::getscalars OT::VariationStore::getscalars CFF::cff2csinterpenvt::processblend...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/31 12:0 a.m.11 views

OSV-2020-1553 UNKNOWN READ in hb_realloc_impl

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24497 Crash type: UNKNOWN READ Crash state: hbreallocimpl hbvectort::alloc hbvectort::resize...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/31 12:0 a.m.14 views

OSV-2020-1551 UNKNOWN WRITE in CFF::parsed_cs_op_t::set_skip

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24507 Crash type: UNKNOWN WRITE Crash state: CFF::parsedcsopt::setskip CFF::parsedcsstrt::addcallop cff1csopsetsubrsubsett::processcallsubr...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/31 12:0 a.m.11 views

OSV-2020-1550 UNKNOWN WRITE in hb_vector_t<CFF::dict_val_t>::resize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24489 Crash type: UNKNOWN WRITE Crash state: hbvectort::resize hbvectort::push CFF::dictvalt hbvectort::push...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/31 12:0 a.m.12 views

OSV-2020-1549 UNKNOWN WRITE in hb_vector_t<CFF::op_str_t>::resize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24500 Crash type: UNKNOWN WRITE Crash state: hbvectort::resize hbvectort::push CFF::parsedvaluest::addop...

7.2AI score
Exploits0References1
ossfuzz
ossfuzz
added 2020/07/30 1:9 a.m.17 views

harfbuzz:hb-subset-fuzzer: Crash in CFF::parsed_cs_op_t::set_skip

Project: https://github.com/harfbuzz/harfbuzz.git Detailed Report: https://oss-fuzz.com/testcase?key=5668566628827136 Project: harfbuzz Fuzzing Engine: libFuzzer Fuzz Target: hb-subset-fuzzer Job Type: libfuzzerasanharfbuzz Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x0000000ffd3...

6.8AI score
Exploits0Affected Software1
OSV
OSV
added 2020/07/22 9:50 p.m.10 views

OSV-2020-1325 Global-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21769 Crash type: Global-buffer-overflow READ 2 Crash state: BEInt::operator unsigned short OT::IntType::operator unsigned int CFF::Charset0::getglyph...

7.2AI score
Exploits0References1
FireEye
FireEye
added 2020/05/12 12:0 a.m.103 views

Analyzing Dark Crystal RAT, a C# Backdoor

The FireEye Mandiant Threat Intelligence Team helps protect our customers by tracking cyber attackers and the malware they use. The FLARE Team helps augment our threat intelligence by reverse engineering malware samples. Recently, FLARE worked on a new C variant of Dark Crystal RAT DCRat that the...

7.3AI score
Exploits0References8
Rows per page
Query Builder