
87 matches found

CVE
added 2026/05/14 7:52 p.m., 13 views

CVE-2026-8558

The CVE-2026-8558 issue affects Google Chrome prior to 148.0.7778.168, in the Fonts component. An out-of-bounds write mishandles memory during font rendering, enabling a remote attacker to run arbitrary code inside the browser sandbox via a crafted HTML page. Remediation: update to Chrome 148.0.7...

CVSS 8.8 | AI score 6.2 | EPSS 0.00109
Exploits: 0 | References: 2 | Affected Software: 1
CNNVD
added 2026/05/05 12:0 a.m., 4 views

Google Chrome Buffer Error Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by out-of-bounds read operations in fonts. This vulnerability could allow remote attackers to execute out-of-bounds memory reads...

CVSS 4.3 | AI score 6.2 | EPSS 0.00027
Exploits: 0 | References: 3
RedhatCVE
added 2026/05/02 2:23 a.m., 1 views

CVE-2026-33812

A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted font file. Parsing this malicious file can lead to excessive memory allocation, which may result in a Denial of Service (DoS) for the affected system. Mitigation Mitigation fo...

CVSS 6.1 | AI score 5.7 | EPSS 0.00013
Exploits: 0 | References: 6
OSV
added 2026/03/24 1:17 a.m., 1 views

DEBIAN-CVE-2026-4679

Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 5.4 | EPSS 0.00047
Exploits: 0 | References: 1
Snyk
added 2026/03/02 4:9 p.m., 2 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the tt_var_load_item_variation_store function when processing HVAR, VVAR, or MVAR tables in OpenType variable fonts. An attacker can access sensitive information or cause a crash by enticing a user to open a specially...

CVSS 5.3 | AI score 7.7 | EPSS 0.00017
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2011-0612

Malware in sbrugna...

CVSS 9.3 | AI score 6 | EPSS 0.07565
Exploits: 0 | References: 12
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-52587

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 7.4 | EPSS 0.00285
Exploits: 0 | References: 8
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-29004

Malicious code in bioql PyPI...

CVSS 9.3 | AI score 7.5 | EPSS 0.02687
Exploits: 0 | References: 1
Talos
added 2025/06/11 12:0 a.m., 4 views

Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2159: Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability. June 11, 2025. CVE Number: CVE-2025-43578. Summary: An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2025.001.20435. A specially...

CVSS 5.5 | AI score 6.7 | EPSS 0.00298
Exploits: 0
Tenable Nessus
added 2025/03/26 12:0 a.m., 21 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : freetype2 (SUSE-SU-2025:0998-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0998-1 advisory. - CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to...

CVSS 8.1 | AI score 7.2 | EPSS 0.70344
Exploits: 0 | References: 4
Cvelist
added 2025/03/25 12:0 a.m., 10 views

CVE-2025-27830

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/writet1.c and psi/zfapi.c...

EPSS 0.00061
Exploits: 0 | References: 1
OSV
added 2024/12/12 2:15 a.m., 3 views

CVE-2024-54486

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted font may result in the disclosure of process memory...

CVSS 6.5 | AI score 5.8
Exploits: 0 | References: 13
Talos
added 2024/12/11 12:0 a.m., 22 views

Adobe Acrobat Reader Font Private Point Numbers Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2024-2070: Adobe Acrobat Reader Font Private Point Numbers Out-Of-Bounds Read Vulnerability. December 11, 2024. CVE Number: CVE-2024-49533. Summary: An out-of-bounds read vulnerability exists in font handling code of Adobe Acrobat Reader 2024.002.21005. A font file with...

CVSS 5.5 | AI score 6.5 | EPSS 0.00049
Exploits: 0
OSV
added 2024/10/28 10:15 p.m., 0 views

CVE-2024-44240

The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory...

CVSS 5.5 | AI score 5.8 | EPSS 0.00138
Exploits: 0 | References: 13
OSV
added 2024/09/25 6:15 p.m., 1 views

CVE-2024-47305

Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery. This issue affects Use Any Font: from n/a through 6.3.08...

CVSS 8.8 | AI score 5.8
Exploits: 0 | References: 1
Talos
added 2024/05/15 12:0 a.m., 29 views

Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1946: Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability. May 15, 2024. CVE Number: CVE-2024-30311. Summary: An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2023.008.20470. A specially...

CVSS 5.5 | AI score 6.3 | EPSS 0.00055
Exploits: 0
CNNVD
added 2023/08/14 12:0 a.m., 2 views

Apple macOS Big Sur Buffer Error Vulnerability

Apple macOS Big Sur is the 17th major version of Apple's macOS, the operating system used by Apple Inc. for the Mac. A security vulnerability exists in Apple macOS Big Sur version 11.0.1, which stems from the handling of maliciously crafted fonts and may lead to arbitrary code execution...

CVSS 7.8 | AI score 7.5 | EPSS 0.00076
Exploits: 0 | References: 2
Prion
added 2023/06/02 5:15 p.m., 20 views

Race condition

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVSS 5.1 | AI score 7.5 | EPSS 0.00202
Exploits: 0 | References: 4 | Affected Software: 2
SUSE CVE
added 2023/02/15 5:57 a.m., 2 views

SUSE CVE-2010-3626

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889...

CVSS 9.3 | AI score 7.9 | EPSS 0.02538
Exploits: 0 | References: 5
SUSE CVE
added 2023/02/15 4:39 a.m., 2 views

SUSE CVE-2017-14741

The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file...

CVSS 6.5 | AI score 6.9 | EPSS 0.00375
Exploits: 0 | References: 3