10 matches found
EUVD-2022-43334
Malicious code in bioql PyPI...
EUVD-2022-43333
Malicious code in bioql PyPI...
CVE-2022-40008
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c...
CVE-2022-46440
ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c...
CVE-2022-46440
ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c...
CVE-2022-46440
CVE-2022-46440 affects ttftool v0.9.2 (SWFTools). A segmentation violation is triggered via readU16 in ttf.c, per the CVE, with a Medium base score (5.5) and Availability impact as described. Connected sources confirm the vulnerability, but no patch or fixed version is specified in these documents. Exploitat...
UBUNTU-CVE-2022-40009
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function growunicode at /lib/ttf.c...
CVE-2022-40008
CVE-2022-40008 affects SWFTools; the issue is a heap-buffer overflow in readU8 implemented in /lib/ttf.c, tied to commit 772e55a. The entry lists a CVSS v3.1 base score of 9.8 (CRITICAL), with network attack vector, no privileges required, no user interaction, and impact to confidentiality, integ...
CVE-2022-40008
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c...
Heap overflow
When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock function in lib/ttf.c...