Lucene search
K

28 matches found

Packet Storm
Packet Storm
added 2026/06/15 12:0 a.m.48 views

📄 FreeType Font Rendering Overflow Test Harness / Crash Detection

This C program is a testing harness built around the FreeType font rendering library to detect potential memory corruption issues such as heap buffer overflows when loading malicious or malformed TrueType font files...

5.7AI score
Exploits0
Snyk
Snyk
added 2026/04/21 6:59 p.m.17 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the source.view path in font/sfnt. An attacker can force the parser to allocate a large read buffer by supplying a corrupt or malicious font file that advertises data beyond the file's...

6.1CVSS5.9AI score0.00112EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/04/23 12:34 p.m.5 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/22 8:58 a.m.3 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/22 8:58 a.m.8 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/22 8:49 a.m.6 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/22 8:48 a.m.4 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/22 8:38 a.m.4 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 12:25 p.m.3 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 10:30 a.m.3 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 10:0 a.m.3 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 9:58 a.m.2 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 9:44 a.m.0 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 9:10 a.m.4 views

Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...

5.9CVSS7.3AI score0.00663EPSS
Exploits0References6
OSV
OSV
added 2023/05/09 9:30 a.m.3 views

USN-6062-1 freetype vulnerability

It was discovered that FreeType incorrectly handled certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code...

7.2AI score
Exploits0References2
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.4 views

Apple ImageIO Buffer Error Vulnerability

Apple ImageIO is an Apple Inc. component necessary for parsing and writing image data in IOS mobile devices. A security vulnerability exists in Apple ImageIO where processing of maliciously crafted fonts may result in a process memory leak. The following products and versions are affected: macOS...

7.8CVSS6.9AI score0.01078EPSS
Exploits0References8
OSV
OSV
added 2020/10/22 2:48 p.m.0 views

USN-4593-2 freetype vulnerability

USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font...

9.6CVSS7.2AI score0.5063EPSS
Exploits2References2
OSV
OSV
added 2020/10/20 12:2 p.m.3 views

USN-4593-1 freetype vulnerability

Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

9.6CVSS7.3AI score0.5063EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2017/08/21 1:7 p.m.99 views

USN-3398-1: graphite2 vulnerabilities

Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or...

9.8CVSS7.7AI score0.05216EPSS
Exploits6
Ubuntu
Ubuntu
added 2016/03/14 1:21 p.m.72 views

USN-2927-1: graphite2 vulnerabilities

It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary...

9.3CVSS8.4AI score0.04907EPSS
Exploits1
Rows per page
Query Builder