Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2014-9675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discove...

5CVSS7.3AI score0.04159EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2015:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.07687EPSS
Exploits21References23
Veracode
Veracode
added 2019/05/02 5:12 a.m.35 views

Heap-Based Buffer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

7.5CVSS8.7AI score0.0571EPSS
Exploits13References14Affected Software1
Veracode
Veracode
added 2019/05/02 5:12 a.m.34 views

Integer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

7.5CVSS8.7AI score0.0571EPSS
Exploits13References16Affected Software1
Veracode
Veracode
added 2019/05/02 5:12 a.m.35 views

Out-Of-Bounds Read

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

7.5CVSS8.7AI score0.0571EPSS
Exploits13References16Affected Software1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.37 views

Amazon Linux: Security Advisory (ALAS-2015-502)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.0571EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.29 views

OracleVM 3.3 : freetype (OVMSA-2015-0036)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fixes CVE-2014-9657 - Check minimum size of recordsize'. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes CVE-2014-9675 - New macro that checks one character more than...

7.5CVSS7.6AI score0.0571EPSS
Exploits13References15
OpenVAS
OpenVAS
added 2015/03/19 12:0 a.m.36 views

RedHat Update for freetype RHSA-2015:0696-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.0571EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2015/03/18 12:0 a.m.45 views

Oracle Linux 6 / 7 : freetype (ELSA-2015-0696)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0696 advisory. - Fixes CVE-2014-9657 - Check minimum size of recordsize. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes...

7.5CVSS7.7AI score0.0571EPSS
Exploits13References14
Tenable Nessus
Tenable Nessus
added 2015/03/17 12:0 a.m.41 views

Debian DSA-3188-1 : freetype - security update

Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

7.5CVSS7.2AI score0.05059EPSS
Exploits15References17
Debian
Debian
added 2015/03/15 7:49 p.m.48 views

[SECURITY] [DSA 3188-1] freetype security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3188-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...

7.5CVSS8.4AI score0.05059EPSS
Exploits15
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.62 views

[USN-2510-1] FreeType vulnerabilities

========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

7.5CVSS0.5AI score0.07687EPSS
Exploits20
OpenVAS
OpenVAS
added 2015/02/25 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-2510-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.07687EPSS
Exploits20References2
OpenVAS
OpenVAS
added 2015/02/21 12:0 a.m.25 views

Fedora Update for freetype FEDORA-2015-2216

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.07687EPSS
Exploits23References2
Tenable Nessus
Tenable Nessus
added 2015/02/20 12:0 a.m.40 views

Fedora 21 : freetype-2.5.3-15.fc21 (2015-2237)

This update fixes several security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...

7.5CVSS7AI score0.07687EPSS
Exploits17References35
NVD
NVD
added 2015/02/08 11:59 a.m.20 views

CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

5CVSS6.9AI score0.04159EPSS
Exploits1References15
OSV
OSV
added 2015/02/08 11:59 a.m.4 views

CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

6.2AI score
Exploits0References15
CVE
CVE
added 2015/02/08 11:0 a.m.107 views

CVE-2014-9675

CVE-2014-9675 is a vulnerability in FreeType prior to 2.5.4 where bdf/bdflib.c identifies property names by matching only an initial substring. This allows remote attackers to discover heap pointer values and bypass ASLR via a crafted BDF font. Affected: FreeType library (before 2.5.4); impact is...

5CVSS7.5AI score0.04159EPSS
Exploits1References15Affected Software1
UbuntuCve
UbuntuCve
added 2015/02/08 12:0 a.m.25 views

CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

5CVSS7.1AI score0.04159EPSS
Exploits1References2
OSV
OSV
added 2015/02/08 12:0 a.m.4 views

UBUNTU-CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

5CVSS7.2AI score0.04159EPSS
Exploits1References3
Rows per page
Query Builder