Lucene search
K

294 matches found

RedHat Linux
RedHat Linux
added 2020/11/05 9:0 a.m.105 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

9.6CVSS7.3AI score0.5063EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2020/11/05 8:53 a.m.117 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.6CVSS7.3AI score0.5063EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2020/11/05 8:40 a.m.56 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.6CVSS7.3AI score0.5063EPSS
Exploits2References2
OSV
OSV
added 2020/11/05 8:26 a.m.32 views

RLSA-2020:4952 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng CVE-2020-15999 For more details about the...

8.6CVSS8.8AI score0.5063EPSS
Exploits2References2
OSV
OSV
added 2020/11/05 8:26 a.m.23 views

ALSA-2020:4952 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng CVE-2020-15999 For more details about the...

9.6CVSS8.8AI score0.5063EPSS
Exploits2References2
AlmaLinux
AlmaLinux
added 2020/11/05 8:26 a.m.35 views

Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng CVE-2020-15999 For more details about the...

9.6CVSS7.8AI score0.5063EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2020/11/04 2:38 p.m.241 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.6CVSS7.3AI score0.5063EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2020/10/22 2:48 p.m.117 views

USN-4593-2: FreeType vulnerability

USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font...

9.6CVSS8.7AI score0.5063EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/10/20 12:2 p.m.90 views

USN-4593-1: FreeType vulnerability

Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

9.6CVSS8.5AI score0.5063EPSS
Exploits2
Veracode
Veracode
added 2020/04/10 12:59 a.m.33 views

Arbitrary Code Execution

pango is vulnerable to arbitrary code execution. The vulnerability exists as an input sanitization flaw, leading to a heap-based buffer overflow, was found in the way Pango displayed font files when using the FreeType font engine back end. If a user loaded a malformed font file with an applicatio...

7.6CVSS2.8AI score0.18944EPSS
Exploits1References18Affected Software2
Veracode
Veracode
added 2020/04/10 12:49 a.m.23 views

Denial Of Service (DoS)

FreeType is vulnerable to Denial Of Service DoS. Several buffer overflow flaws were found in the way the FreeType font engine processed font files. If a user loaded a carefully-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly,...

6.8CVSS4.6AI score0.06287EPSS
Exploits1References18Affected Software1
Veracode
Veracode
added 2020/04/10 12:49 a.m.26 views

Buffer Overflow

FreeType is vulnerable to Buffer overflow. Several buffer overflow flaws were found in the way the FreeType font engine processed font files. If a user loaded a carefully-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute...

6.8CVSS4.2AI score0.06194EPSS
Exploits1References18Affected Software1
Veracode
Veracode
added 2020/04/10 12:49 a.m.23 views

Denial Of Service (DoS)

FreeType is vulnerable to Denial Of Service DoS. Due to an invalid memory management flaw was found in the way the FreeType font engine processed font files. If a user loaded a carefully-crafted font file with an application linked against FreeType, it could cause the application to crash or,...

6.8CVSS4.7AI score0.05638EPSS
Exploits1References16Affected Software1
Veracode
Veracode
added 2020/04/10 12:31 a.m.30 views

Integer Overflows

FreeType is Integer Overflows. Due to several integer overflow flaws in the FreeType 2 font engine, if a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the...

7.5CVSS4.4AI score0.08541EPSS
Exploits1References42Affected Software1
OpenVAS
OpenVAS
added 2020/01/08 12:0 a.m.24 views

CentOS Update for freetype CESA-2019:4254 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.01919EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2019/12/17 11:15 a.m.73 views

Moderate: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS6.8AI score0.01919EPSS
Exploits2References3
Ubuntu
Ubuntu
added 2019/09/09 7:6 p.m.86 views

USN-4126-2: FreeType vulnerabilities

USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. CVE-2015-9381,...

8.8CVSS6.8AI score0.02281EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/09/09 4:30 p.m.65 views

USN-4126-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information...

6.5CVSS6.7AI score0.02281EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/09/05 12:0 a.m.35 views

Debian DLA-1909-1 : freetype security update

Several newly-referenced issues have been fixed in the FreeType 2 font engine. CVE-2015-9381 heap-based buffer over-read in T1GetPrivateDict in type1/t1parse.c CVE-2015-9382 buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation...

8.8CVSS6.8AI score0.02281EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2019/09/05 12:0 a.m.98 views

Debian: Security Advisory (DLA-1909-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.02281EPSS
Exploits3References3
Rows per page
Query Builder