Astra Linux - уязвимость в qt4-x11, qtsvg-opensource-src

In Qt versions prior to 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, the initialization of munitsPerEm in QtSvg QSvgFont is handled incorrectly...

OESA-2025-2791 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

EUVD-2024-32701

Malicious code in bioql PyPI...

EUVD-2024-3587

Malicious code in bioql PyPI...

CVE-2022-45133

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...

UBUNTU-CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

RHEL 7 : freetype (RHSA-2025:3395)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3395 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...

GHSA-GRHH-R4JJ-8JH7 tecnickcom/tc-lib-pdf-font mishandles fonts

An issue was discovered in tc-lib-pdf-font before 2.6.4, as used in TCPDF before 6.8.0 and other products. Fonts are mishandled, e.g., FontBBox for Type 1 and TrueType fonts is misparsed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue with fbcondosetfont in fbcon...

OESA-2023-1580 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

OESA-2023-1579 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

AZL-26670 CVE-2023-32573 affecting package qt5-qtsvg for versions less than 5.15.9-1

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

November 8, 2022—KB5019966 (OS Build 17763.3650) - EXPIRED

November 8, 2022—KB5019966 OS Build 17763.3650 - EXPIRED EXPIRATION NOTICEIMPORTANT - As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 10/11/22 REMINDER...

October 25, 2022—KB5018485 (OS Build 20348.1194) Preview

October 25, 2022—KB5018485 OS Build 20348.1194 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find...

October 25, 2022—KB5018482 (OS Builds 19042.2193, 19043.2193, and 19044.2193) Preview

October 25, 2022—KB5018482 OS Builds 19042.2193, 19043.2193, and 19044.2193 Preview 10/11/22 IMPORTANT All editions of Windows 10, version 21H1 will reach end of service on December 13, 2022. After December 13, 2022, these devices will not receive monthly security and quality updates. These updat...

June 18, 2019—KB4501371 (OS Build 17763.592)

June 18, 2019—KB4501371 OS Build 17763.592 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when you g...

Windows 10 Insider Preview Build 18362.84

Windows 10 Insider Preview Build 18362.84 Summary Microsoft released a new cumulative update to Window Insider program Slow, Fast and Release Preview rings. If you have updated to Build 18356.30 or 18362.53 – your device will be offered this build. This update also includes updates that come as...

OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

CVE-2019-10044

Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin and Cyrillic characters...

MS16-042: Description of the security update for Word Automation Services on SharePoint Server 2013: April 12, 2016

MS16-042: Description of the security update for Word Automation Services on SharePoint Server 2013: April 12, 2016 Summary This security update resolves vulnerabilities in SharePoint that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these...