30 matches found
[SECURITY] Fedora 42 Update: fonttools-4.61.0-1.fc42
fontTools is a library for manipulating fonts, written in Python. The project includes the TTX tool, that can convert TrueType and OpenType fonts to and fr om an XML text format, which is also called TTX. It supports TrueType, OpenType, AFM and to an extent Type 1 and some Mac-specific formats...
EUVD-2017-12206
Malware in sbrugna...
[SECURITY] Fedora 39 Update: fonttools-4.43.1-1.fc39
fontTools is a library for manipulating fonts, written in Python. The project includes the TTX tool, that can convert TrueType and OpenType fonts to and from an XML text format, which is also called TTX. It supports TrueType, OpenType, AFM and to an extent Type 1 and some Mac-specific formats...
CVE-2023-45139
fontTools is a library for manipulating fonts, written in Python. The subsetting module has a XML External Entity Injection XXE vulnerability which allows an attacker to resolve arbitrary entities when a candidate font OT-SVG fonts, which contains a SVG table, is parsed. This allows attackers to...
CVE-2023-45139
CVE-2023-45139 affects the fontTools Python library, specifically the subsetting module. The issue is an XML External Entity (XXE) vulnerability that triggers when parsing candidate fonts (OT-SVG fonts with an SVG table), enabling an attacker to resolve arbitrary entities and potentially read arb...
Essential Real Estate < 4.4.0 - Subscriber+ Stored XSS
Description The plugin does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Stored XSS attacks. 1. Login with a subscriber account, and visit https://vulnerable-site.tld/wp-admin/profile.php?action=delete 2...
Xterm 命令注入漏洞
Xterm is a terminal emulator for the X Window System by Thomas Dickey, a personal developer. It is intended to provide Dec Vt102 and Tektronix 4014 compatible terminals for programs that cannot use the window system directly. A security vulnerability exists in versions prior to Xterm 375. An...
CVE-2021-33656
When setting font with malicous data by ioctl cmd PIOFONT,kernel will write memory out of bounds...
Fedora Update for t1utils FEDORA-2019-0c2f24ce3f
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 29 Update: t1utils-1.41-1.fc29
t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA ASCII format, PFB binary format, a human-readable and editable ASCII format, and Macintosh resource forks...
CVE-2018-5104
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2018-5104
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
Design/Logic Flaw
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2018-5104
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2018-5104
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2018-5104
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2018-5104
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2017-3065
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3065
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution...
Memory corruption
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution...