Lucene search
+L

15 matches found

Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.39 views

AlmaLinux 8 : fontforge (ALSA-2020:4844)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4844 advisory. - An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an...

8.8CVSS8.2AI score0.01343EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2020-0405)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.01343EPSS
Exploits0References4
Circl
Circl
added 2021/02/23 7:34 a.m.5 views

CVE-2020-25690

creationtimestamp| type| source ---|---|--- 2021-02-23 07:34:18+00:00| seen| https://t.me/cibsecurity/23968...

8.8CVSS8.1AI score0.01343EPSS
Exploits0References1
OSV
OSV
added 2021/02/23 4:15 a.m.27 views

CVE-2020-25690

An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...

8.8CVSS7.1AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/02/23 4:15 a.m.40 views

CVE-2020-25690

An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...

8.8CVSS7.4AI score0.01343EPSS
Exploits0References2
OSV
OSV
added 2021/02/23 4:15 a.m.3 views

UBUNTU-CVE-2020-25690

An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...

8.8CVSS7.4AI score0.01343EPSS
Exploits0References3
CVE
CVE
added 2021/02/23 3:40 a.m.229 views

CVE-2020-25690

FontForge is affected by CVE-2020-25690 due to an out-of-bounds write in SFD parsing (specifically LayerCount tokens) that can manipulate heap memory, causing a crash or arbitrary code execution. Affected: FontForge versions before 20200314. Root cause: parsing SFD data grants heap memory misuse....

8.8CVSS8.6AI score0.01343EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.31 views

CentOS 8 : fontforge (CESA-2020:4844)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:4844 advisory. - fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport CVE-2020-25690 Note that Nessus has not tested for this issue but has instead relied only on...

8.8CVSS7.8AI score0.02478EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/12/07 12:0 a.m.46 views

openSUSE Security Update : fontforge (openSUSE-2020-2111)

This update for fontforge fixes the following issues : - fix for Use-after-free heap in the SFDGetFontMetaData function and the crash bsc1178308 CVE-2020-25690. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package...

8.8CVSS7.7AI score0.02478EPSS
Exploits1References4
OSV
OSV
added 2020/11/29 3:22 p.m.7 views

OPENSUSE-SU-2020:2111-1 Security update for fontforge

This update for fontforge fixes the following issues: - fix for Use-after-free heap in the SFDGetFontMetaData function and the crash bsc1178308 CVE-2020-25690. This update was imported from the SUSE:SLE-15:Update update project...

8.8CVSS8.7AI score0.02478EPSS
Exploits1References5
OSV
OSV
added 2020/11/08 2:14 p.m.8 views

MGASA-2020-0405 Updated fontforge packages fix a security vulnerability

SFDGetFontMetaData insufficient CVE-2020-5395 backport. CVE-2020-25690...

8.8CVSS8.6AI score0.01343EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.31 views

RHEL 8 : fontforge (RHSA-2020:4844)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4844 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type...

8.8CVSS7.8AI score0.02478EPSS
Exploits1References6
OSV
OSV
added 2020/11/03 12:40 p.m.32 views

ALSA-2020:4844 Moderate: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport...

8.8CVSS8.6AI score0.02478EPSS
Exploits1References1
AlmaLinux
AlmaLinux
added 2020/11/03 12:40 p.m.41 views

Moderate: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport...

8.8CVSS8.5AI score0.02478EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2020/10/30 1:56 p.m.24 views

CVE-2020-25690

An out-of-bounds write flaw was found in FontForge while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is t...

8.8CVSS6.1AI score0.02478EPSS
Exploits1References3
Rows per page
Query Builder