6 matches found
CVE-2025-65875
An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...
Linux Distros Unpatched Vulnerability : CVE-2014-2570
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in www/makesubset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the...
stb_truetype.h 缓冲区错误漏洞
stbtruetype.h is a TTF font parsing library. A buffer error vulnerability exists in stbtruetype.h v1.26, which stems from a heap buffer overflow in the function ttULONG in stbtruetype.h. The vulnerability is caused by a heap buffer overflow in the stbtruetype.h function...
CVE-2019-1441
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'...
Description of the security update for the font library vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: August 14, 2018
Description of the security update for the font library vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: August 14, 2018 Summary A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted...
DEBIAN-CVE-2017-16611
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open but not read files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files...