Lucene search
K

209 matches found

OSV
OSV
added 2022/03/16 9:36 a.m.13 views

OPENSUSE-SU-2022:0873-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u322 icedtea-3.22.0 Including the following security fixes: - CVE-2022-21248, bsc1194926: Enhance cross VM serialization - CVE-2022-21283, bsc1194937: Better String matching - CVE-2022-21293, bsc1194935: Improve...

5.3CVSS5.3AI score0.08346EPSS
Exploits0References30
OSV
OSV
added 2022/03/16 9:34 a.m.9 views

SUSE-SU-2022:0871-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u322 icedtea-3.22.0 Including the following security fixes: - CVE-2022-21248, bsc1194926: Enhance cross VM serialization - CVE-2022-21283, bsc1194937: Better String matching - CVE-2022-21293, bsc1194935: Improve...

5.3CVSS5.4AI score0.08346EPSS
Exploits0References30
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.28 views

Mozilla Firefox Security Advisory (MFSA2012-25) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.3CVSS6.4AI score0.04132EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/11/07 12:0 a.m.25 views

Fedora: Security Advisory for freetype (FEDORA-2020-6b35849edd)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.6CVSS8.8AI score0.5063EPSS
Exploits2References4
Fedora
Fedora
added 2020/10/25 1:21 a.m.49 views

[SECURITY] Fedora 32 Update: freetype-2.10.4-1.fc32

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

9.6CVSS7.5AI score0.5063EPSS
Exploits2
Fedora
Fedora
added 2020/10/25 1:1 a.m.46 views

[SECURITY] Fedora 33 Update: freetype-2.10.4-1.fc33

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

9.6CVSS7.5AI score0.5063EPSS
Exploits2
OpenVAS
OpenVAS
added 2020/10/25 12:0 a.m.26 views

Fedora: Security Advisory for freetype (FEDORA-2020-6299161e89)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.6CVSS8.8AI score0.5063EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.28 views

openSUSE Security Update : cairo (openSUSE-2020-1003)

This update for cairo fixes the following issues : - Fix a memory corruption in pango. - Revert 'Correctly decode Adobe CMYK JPEGs in PDF export'. - Add more FreeeType font color conversions to support COLR/CPAL. - Fix crash when rendering Microsoft's Segoe UI Emoji Regular font. - Fix memory lea...

7.5CVSS5.8AI score0.03463EPSS
Exploits1References2
OSV
OSV
added 2020/07/15 9:56 p.m.5 views

SUSE-SU-2020:1937-1 Security update for cairo

This update for cairo fixes the following issues: - Fix a memory corruption in pango. - Revert 'Correctly decode Adobe CMYK JPEGs in PDF export'. - Add more FreeeType font color conversions to support COLR/CPAL. - Fix crash when rendering Microsoft's Segoe UI Emoji Regular font. - Fix memory leak...

7.5CVSS7.6AI score0.03463EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/23 12:0 a.m.119 views

Security update for freetype2 (moderate)

openSUSE Security Update: Security update for freetype2 Announcement ID: openSUSE-SU-2020:0704-1 Rating: moderate References: 1079603 1091109 Cross-References: CVE-2018-6942 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

6.5CVSS7.2AI score0.02124EPSS
Exploits0References2
OSV
OSV
added 2020/05/20 11:2 a.m.6 views

SUSE-SU-2020:1353-1 Security update for freetype2

This update for freetype2 to version 2.10.1 fixes the following issues: Security issue fixed: - CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c bsc1079603. Non-security issues fixed: - Update to version 2.10.1 The bytecode hinting of OpenType variation fonts was flawed, since the...

6.5CVSS7.1AI score0.02124EPSS
Exploits0References4
Veracode
Veracode
added 2020/04/10 1:9 a.m.26 views

Denial Of Service (DoS)

firefix/thunderbird is vulnerable to denial of service. A flaw was found in the way Firefox used its embedded Cairo library to render certain fonts. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileg...

9.3CVSS4.5AI score0.04132EPSS
Exploits0References11Affected Software3
Veracode
Veracode
added 2020/04/10 12:53 a.m.25 views

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the FreeType font rendering engine improperly validated certain position values when processing input streams. If a user loaded a specially-crafted font file with an application linked against...

6.8CVSS4.1AI score0.05111EPSS
Exploits1References25Affected Software1
Veracode
Veracode
added 2020/04/10 12:50 a.m.27 views

Heap-based Buffer Overflows

FreeType is vulnerable to a heap-based buffer overflow. Due to a flaw found in the way the FreeType font rendering engine processed certain TrueType GX fonts, if a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or,...

6.8CVSS4.2AI score0.05276EPSS
Exploits0References34Affected Software1
Veracode
Veracode
added 2020/04/10 12:48 a.m.28 views

Denial Of Service (DoS)

freetype is vulnerable to denial of service DoS. The vulnerability exists as a stack overflow flaw was found in the way the FreeType font rendering engine processed PostScript Type 1 font files that contain nested Standard Encoding Accented Character seac calls. If a user loaded a specially-craft...

5CVSS1.6AI score0.03329EPSS
Exploits0References17Affected Software1
Veracode
Veracode
added 2020/04/10 12:48 a.m.27 views

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists as a stack-based buffer overflow flaw was found in the way the FreeType font rendering engine processed some PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against...

6.8CVSS2.9AI score0.04515EPSS
Exploits0References29Affected Software1
Veracode
Veracode
added 2020/04/10 12:48 a.m.26 views

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists as it was discovered that the FreeType font rendering engine improperly validated certain position values when processing input streams. If a user loaded a specially-crafted font file with an application linked against...

9.3CVSS2.9AI score0.06735EPSS
Exploits0References15Affected Software1
Veracode
Veracode
added 2020/04/10 12:48 a.m.40 views

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists through an array index error was found in the way the FreeType font rendering engine processed certain PostScript Type 42 font files. If a user loaded a specially-crafted font file with an application linked against...

6.8CVSS2.9AI score0.05839EPSS
Exploits1References30Affected Software1
Veracode
Veracode
added 2020/04/10 12:40 a.m.26 views

Denial Of Service (DoS)

pango is vulnerable to denial of service. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition GDEF table from a font's character map and the Unicode property database. If an attacker created a...

4.3CVSS1.9AI score0.02469EPSS
Exploits0References17Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.37 views

EulerOS Virtualization for ARM 64 3.0.2.0 : freetype (EulerOS-SA-2020-1224)

According to the versions of the freetype package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a...

9.8CVSS7AI score0.03734EPSS
Exploits5References8
Rows per page
Query Builder