CVE-2025-24182

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. Processing a maliciously crafted font may result in the disclosure of process memory...

CVE-2025-24244

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted font may result in the disclosure of process memory...

PT-2025-13926 · Apple · Macos Sonoma +6

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.5 tvOS versions prior to 18.4 iPadOS versions prior to 17.7.6 iOS versions prior to 18.4 iPadOS versions prior to 18.4 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description...

CVE-2024-12649

Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier...

CVE-2024-12647

Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and...

CVE-2024-12649

Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier...

CVE-2024-54486

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted font may result in the disclosure of process memory...

CVE-2024-54486

CVE-2024-54486 involves memory disclosure triggered by processing a maliciously crafted font in Apple platforms. Connected sources confirm the issue affects Apple operating systems and fonts handling, with remediation in updates: iPadOS 17.7.3, iOS 18.2, iPadOS 18.2, macOS Sequoia 15.2, Ventura 1...

CVE-2024-44240

The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted font may result in the disclosure of...

CVE-2024-44240

The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted font may result in the disclosure of...

CVE-2024-44240

The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory...

CVE-2024-44240

CVE-2024-44240 is a font-processing vulnerability in Apple platforms where processing a maliciously crafted font may disclose process memory. According to the primary description, impact is limited to confidentiality (C) with no integrity/availability impact stated, and the issue is fixed in mult...

CVE-2024-44302

The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory...

CVE-2024-44302

The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted font may result in the disclosure of...

CVE-2024-44302

CVE-2024-44302 affects Apple platforms: tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, and visionOS 2.1. Issue stems from processing a maliciously crafted font, which may disclose process memory. Root cause described as ...

RHEL 3 : server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenJDK Font processing vulnerability 6733336 CVE-2008-5356 - OpenJDK Truetype Font processing...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the execution of operations outside of the buffer in memory due to a numerical overflow. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information durin...

ROS-20240403-05

Vulnerability of grubfontconstructglyph function of Grub2 operating systems loader is related to the output of the operation outside the memory buffer when processing specially designed fonts in pf2 format. Exploitation of the vulnerability may allow an attacker to execute arbitrary code Grub2...

Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1905 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20735 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.2038...

CVE-2023-32366

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. Processing a font file may lead to arbitrary code execution...