3 matches found
CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
Cross site scripting
Photoshop Elements versions 2021 build 19.0 20210304.m.156367 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
Remote Code Execution (RCE)
libfontforge.so is vulnerable to remote code execution RCE attacks.A malicious user can pass a ttf file to the getsid function in the parsettf.c file to cause a buffer over-read that can crash the application or cause arbitrary code to be executed...