Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Zero Day Initiative
Zero Day Initiativeadded 2019/11/13 12:0 a.m.26 views

Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.9AI score0.26055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2019/07/10 12:0 a.m.30 views

Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.6AI score0.0182EPSS
Exploits0References1
Exploit DB
Exploit DBadded 2019/07/10 12:0 a.m.384 views

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readFDSelect

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
NVD
NVDadded 2015/05/13 10:59 a.m.18 views

CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...

9.3CVSS7.3AI score0.88026EPSS
Exploits0References4
NVD
NVDadded 2015/05/13 10:59 a.m.14 views

CVE-2015-1670

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnerability."...

4.3CVSS5.8AI score0.04518EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2015/05/13 12:0 a.m.225 views

MS15-044: Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)

The remote Windows host is affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to improper handling of OpenType fonts by the Windows DirectWrite library. A remote attacker can exploit this vulnerability by convincing a user to open a file or visit a website...

9.3CVSS6.6AI score0.88026EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2015/05/12 12:0 a.m.53 views

Microsoft Silverlight < 5.1.40416.00 Multiple Vulnerabilities (MS15-044 / MS15-049) (Mac OS X)

The version of Microsoft Silverlight installed on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to improper handling of OpenType fonts by the Windows DirectWrite library. A remote attacker can exploit this vulnerability by convincin...

9.3CVSS6.8AI score0.88026EPSS
Exploits0References5
Rows per page
Query Builder