125 matches found
JLSEC-2026-531
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012970)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012970 advisory. In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcondosetfont Commit a5a923038d70 fbdev: fbcon:...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011412)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011412 advisory. In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcondosetfont Commit a5a923038d70 fbdev: fbcon:...
RHEL 7 : fontforge (RHSA-2026:8937)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8937 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1,...
K000160685: Linux kernel vulnerability CVE-2025-40322
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count a...
CVE-2026-26202
Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...
CVE-2026-26202 Penpot has Arbitrary File Read via create-font-variant RPC endpoint
Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...
penpot 安全漏洞
Penpot is an open-source design tool developed by Penpot for collaboration in design and coding. Versions of Penpot prior to 2.13.2 contained a security vulnerability. This vulnerability allowed authenticated users to access arbitrary files by providing local file paths as font data blocks,...
CVE-2025-15534
A flaw was found in raylib. A local user could exploit an integer overflow vulnerability in the LoadFontData function. This flaw may lead to information disclosure, data modification, or denial of service, impacting the availability, integrity, and confidentiality of the application. Mitigation...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the LoadFontData function. An attacker can cause memory corruption or unexpected behavior by providing crafted input that triggers an integer overflow during font data processing. This is only...
CVE-2025-15534
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...
CVE-2025-15534
The CVE-2025-15534 issue affects raysan5 raylib up to commit 909f040, specifically the LoadFontData function in src/rtext.c. The vulnerability is an integer overflow, exploitable only from a local environment. An exploit is publicly available, and a patch is identified by the patch ID 5a3391fdce0...
CVE-2025-15534 raysan5 raylib rtext.c LoadFontData integer overflow
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...
PT-2026-3382
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...
CVE-2025-14235
Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....
CVE-2025-14235
Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....
Canon’s various products have security vulnerabilities
Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon Color imageCLASS is a series of printers. Canon Satera is also a series of printers. Several Canon products have security vulnerabilities; these vulnerabilitie...
CVE-2025-14235
Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....
CVE-2025-14235
Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....
CVE-2025-14235
Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....