107 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-3185

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00273
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2017-3189

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00635
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-3187

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00273
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-3192

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00273
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-3186

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00513
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-3184

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00565
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-3190

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00273
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-3191

Malware in sbrugna...

CVSS 5.5 | AI score 6.4 | EPSS 0.00249
Exploits: 0 | References: 7

WPVulnDB
added 2023/10/09 12:00 a.m. | 15 views

CITS Support svg, webp Media and TTF,OTF File Upload < 3.0 - Author+ Stored XSS via SVG

Description: The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. PoC: As an author, upload an SVG with the payload: View the SVG and see the XSS...

CVSS 5.4 | AI score 5.3 | EPSS 0.00222
Exploits: 2 | Affected Software: 1

SUSE CVE
added 2023/02/15 4:42 a.m. | 2 views

SUSE CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 6.3 | AI score 9 | EPSS 0.00513
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 4:42 a.m. | 1 view

SUSE CVE-2017-11570

FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 7.6 | AI score 8.9 | EPSS 0.00273
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 4:42 a.m. | 1 view

SUSE CVE-2017-11569

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 7.6 | AI score 8.9 | EPSS 0.00565
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 4:42 a.m. | 2 views

SUSE CVE-2017-11577

FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 6.3 | AI score 8.9 | EPSS 0.00273
Exploits: 0 | References: 4

Veracode
added 2018/05/28 10:12 a.m. | 16 views

Remote Code Execution (RCE)

libfontforge.so is vulnerable to remote code execution (RCE) attacks. A malicious user can pass an otf file to the PSCharStringToSplines function in psread.c to cause a buffer overflow that can crash the application or cause arbitrary code execution...

CVSS 7.8 | AI score 8.1 | EPSS 0.00285
Exploits: 0 | References: 3 | Affected Software: 1

Veracode
added 2018/05/28 9:58 a.m. | 19 views

Remote Code Execution (RCE)

libfontforge.so is vulnerable to remote code execution (RCE) attacks. A malicious user can pass an otf file to the umodenc function in parsettf.c to cause a buffer overflow and crash the application or cause arbitrary code to be executed...

CVSS 7.8 | AI score 8.2 | EPSS 0.00273
Exploits: 0 | References: 1 | Affected Software: 1

Veracode
added 2018/05/28 8:32 a.m. | 15 views

Remote Code Execution (RCE)

libfontforge.so is vulnerable to remote code execution (RCE) attacks. A malicious user can pass an otf file to the ValidatePostScriptFontName function in parsettf.c to cause a buffer overflow and crash the application or cause arbitrary code to be executed...

CVSS 7.8 | AI score 8.2 | EPSS 0.00273
Exploits: 0 | References: 1 | Affected Software: 1

Veracode
added 2018/04/13 4:39 a.m. | 15 views

Denial Of Service (DoS)

libfontforge.so is vulnerable to denial of service (DoS) through stack-based underflow attacks. The vulnerability exists because it fails to check whether the weight vector in the readcfftopdict function of parsettf.c is positive, allowing a malicious otf file to cause a denial of service (DoS) through...

CVSS 5.5 | AI score 5.8 | EPSS 0.00249
Exploits: 0 | References: 5 | Affected Software: 1

Tenable Nessus
added 2017/08/28 12:00 a.m. | 22 views

Debian DLA-1065-1 : fontforge security update

FontForge is vulnerable to heap-based buffer over-read in several functions, resulting in DoS or code execution via a crafted otf file : For Debian 7 'Wheezy', these problems have been fixed in version 0.0.20120101+git-2+deb7u1. We recommend that you upgrade your fontforge packages. NOTE: Tenable...

CVSS 7.8 | AI score 7.4 | EPSS 0.00635
Exploits: 0 | References: 10

RedhatCVE
added 2017/07/26 2:51 p.m. | 15 views

CVE-2017-11577

FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 7.8 | AI score 4.9 | EPSS 0.00273
Exploits: 0 | References: 1

RedhatCVE
added 2017/07/26 2:50 p.m. | 13 views

CVE-2017-11576

FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file...

CVSS 5.5 | AI score 2.4 | EPSS 0.00249
Exploits: 0 | References: 1