Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-8694

Malware in sbrugna...

8.8CVSS8.6AI score0.0122EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/04/14 12:0 a.m.8 views

openSUSE Security Advisory (SUSE-SU-2025:1199-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.01834EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.9 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : fontforge (SUSE-SU-2025:1199-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1199-1 advisory. - CVE-2017-17521: Fixed command injection in help function uiutil.c bsc1073014 Tenable has extracted the...

8.8CVSS7.1AI score0.01834EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/04/11 8:41 a.m.4 views

Security update for fontforge

This update for fontforge fixes the following issues: CVE-2017-17521: Fixed command injection in help function uiutil.c bsc1073014 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

5.9CVSS7.8AI score0.01834EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2025/04/11 12:0 a.m.6 views

fontforge-20230101-6.1 on GA media (moderate)

fontforge-20230101-6.1 on GA media Announcement ID: openSUSE-SU-2025:14981-1 Rating: moderate Cross-References: CVE-2017-17521 CVSS scores: CVE-2017-17521 SUSE : 5.9 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now...

5.9CVSS7.3AI score0.01834EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-17521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow...

8.8CVSS6.9AI score0.01834EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.15 views

RHEL 7 : fontforge (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fontforge: Command injetion in help function uiutil.c CVE-2017-17521 - FontForge 20161012 is vulnerable t...

8.8CVSS7.6AI score0.01834EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2017/12/14 8:49 p.m.32 views

CVE-2017-17521

uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...

8.8CVSS5.6AI score0.01834EPSS
Exploits0References1
NVD
NVD
added 2017/12/14 4:29 p.m.36 views

CVE-2017-17521

uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...

8.8CVSS8.4AI score0.01834EPSS
Exploits0References1
CVE
CVE
added 2017/12/14 4:0 p.m.75 views

CVE-2017-17521

CVE-2017-17521 concerns FontForge’s uiutil.c: it does not validate strings before launching the program specified by the BROWSER environment variable, enabling potential argument-injection via a crafted URL. Public mappings show affected products (FontForge) and fixes in vendor advisories: SUSE-S...

8.8CVSS8.3AI score0.01834EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.34 views

CVE-2017-17521

uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...

8.8CVSS6.9AI score0.01834EPSS
Exploits0
Rows per page
Query Builder