34 matches found
EUVD-2026-34760
Integer overflow in Fonts in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11299
Integer overflow in Fonts in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-42308
A flaw was found in Pillow, a Python imaging library. If a font advances for each glyph by an exceeding large amount, an integer overflow can occur when Pillow tracks the current position. This could lead to a denial of service DoS condition, making the application unavailable. Mitigation To...
CVE-2026-8577
Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8577
Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-42308 Pillow: Integer overflow when processing fonts
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...
Fedora 42 : cef (2026-6188cc51be)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6188cc51be advisory. Update to cef-146.0.9+g3ca6a87 + chromium 146.0.7680.164 High CVE-2026-4673: Heap buffer overflow in WebAudio High CVE-2026-4674: Out of bounds read...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-006719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006719 advisory. In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-1610)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
SUSE-SU-2025:4111-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857. ...
Linux Distros Unpatched Vulnerability : CVE-2025-39967
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling...
SUSE CVE-2025-39967
In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...
EUVD-2025-34605
In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...
AZL-76440 CVE-2025-39967 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...
AZL-68468 CVE-2025-39967 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...
Linux Distros Unpatched Vulnerability : CVE-2024-3859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This...
OESA-2023-1395 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch...