720 matches found
freetype: Information disclosure or denial of service via specially crafted font files
A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...
DEBIAN-CVE-2026-9960
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. Chromium security severity: High...
CVE-2026-9960
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. Chromium security severity: High...
CVE-2026-9960
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. Chromium security severity: High...
CVE-2026-9960
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. Chromium security severity: High...
CVE-2026-9960
The CVE-2026-9960 entry concerns an integer overflow in PDFium within Google Chrome prior to 148.0.7778.216. A remote attacker who gains renderer process access could trigger arbitrary code execution inside the sandbox by processing a crafted font file. Affected software: Chromium-based Chrome wi...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by PDFium integer overflow. This vulnerability could allow remote attackers with access to the renderer process to execute arbitrary code in a sandbo...
freetype: Information disclosure or denial of service via specially crafted font files
A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...
DEBIAN-CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
UBUNTU-CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
EUVD-2026-24245
Parsing a malicious font file can cause excessive memory allocation...
CVE-2026-33812 Excessive memory allocation when decoding malicious SFNT in golang.org/x/image
Parsing a malicious font file can cause excessive memory allocation...
PT-2026-34049
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing a malicious font file can cause excessive memory allocation. Recommendations At the moment, there is no information about a newer version that contains a...
RLSA-2026:6628 Important: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via malicious SFD file...
ALSA-2026:6631 Important: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: FontForge: Remote Code Execution via malicious SFD file...
CVE-2020-37011
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...
UBUNTU-CVE-2025-15269
FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...