Lucene search
K

21 matches found

OSV
OSV
added 2026/04/25 5:51 a.m.6 views

OESA-2026-2113 texlive-base security update

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

8.1CVSS5.7AI score0.00902EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 5:51 a.m.7 views

OESA-2026-2111 texlive-base security update

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

8.1CVSS5.7AI score0.00902EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 5:51 a.m.8 views

OESA-2026-2110 texlive-base security update

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

8.1CVSS5.7AI score0.00902EPSS
Exploits0References2
OSV
OSV
added 2026/04/17 1:51 p.m.7 views

JLSEC-2026-127

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS5.9AI score0.00946EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2026/01/29 3:16 p.m.7 views

CVE-2020-37011

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...

8.4CVSS5.8AI score0.00411EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/29 2:28 p.m.32 views

CVE-2020-37011 Gnome Fonts Viewer 3.34.0 Heap Corruption

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...

8.4CVSS0.00411EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2014-2280

Malware in sbrugna...

6.8CVSS5.7AI score0.01571EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2025/05/23 9:51 a.m.10 views

CVE-2024-25262

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...

8.1CVSS7.4AI score0.00902EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2024/07/01 12:0 a.m.22 views

SDL_ttf: Arbitrary Memory Write

Background SDLttf is a wrapper around the FreeType and Harfbuzz libraries, allowing you to use TrueType fonts to render text in SDL applications. Description A vulnerability has been discovered in SDLttf. Please review the CVE identifier referenced below for details. Impact SDLttf was discovered ...

7.8CVSS7.4AI score0.00946EPSS
Exploits1
Mageia
Mageia
added 2024/04/05 6:24 p.m.49 views

Updated texlive-20220321 packages fix security vulnerabilities

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.1CVSS7.8AI score0.00902EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/02/29 1:44 a.m.36 views

CVE-2024-25262

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...

8.1CVSS7.3AI score0.00902EPSS
Exploits0References3
Prion
Prion
added 2024/02/29 1:44 a.m.45 views

Heap overflow

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...

8AI score0.00902EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/02/20 12:0 a.m.18 views

CVE-2024-25262

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...

8.1CVSS8AI score0.00902EPSS
Exploits0
Veracode
Veracode
added 2022/07/14 2:57 p.m.23 views

Out-Of-Bound Writes

SDLttf is vulnerable to out-of-bound writes. The vulnerability exists in TTFRenderTextSolid function which allows an attacker to cause out-of-bound writes via a crafted TTF file...

7.8CVSS7AI score0.00946EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2022/05/04 3:15 a.m.14 views

CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS0.00946EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2022/05/04 3:15 a.m.45 views

CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS7.2AI score0.00946EPSS
Exploits1References3
OSV
OSV
added 2022/05/04 2:34 a.m.19 views

CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS7.1AI score0.00946EPSS
Exploits1References7
OSV
OSV
added 2018/03/09 7:29 p.m.18 views

CVE-2018-7999

In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...

8.8CVSS7.7AI score
Exploits0References4
Prion
Prion
added 2014/03/27 4:55 p.m.10 views

Heap overflow

Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming table entries...

9.3CVSS8.7AI score0.05161EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/03/18 5:4 p.m.19 views

Design/Logic Flaw

The 1 cf2initLocalRegionBuffer and 2 cf2initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service assertion failure, as demonstrated by a crafted ttf file...

6.8CVSS6.9AI score0.01571EPSS
Exploits2References5Affected Software2
Rows per page
Query Builder