Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

Positive Technologies
Positive Technologiesadded 2026/05/06 12:0 a.m.6 views

PT-2026-38075

An integer overflow in the tt var load item variation store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

5.3CVSS7.3AI score0.00017EPSS
Exploits0References6
GithubExploit
GithubExploitadded 2026/03/15 2:16 p.m.646 views

Exploit for XML Injection (aka Blind XPath Injection) in Fonttools

fontTools varLib CVE-2025-66034 Exploit...

9.8CVSS6AI score0.00085EPSS
Exploits9
Snyk
Snykadded 2026/03/02 4:9 p.m.2 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ttvarloaditemvariationstore function when processing HVAR, VVAR, or MVAR tables in OpenType variable fonts. An attacker can access sensitive information or cause a crash by enticing a user to open a specially...

5.3CVSS7.7AI score0.00017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/13 12:0 a.m.2 views

MiracleLinux 8 : freetype-2.9.1-9.el8.ML.1 (AXSA:2025-9777:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9777:02 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph...

8.1CVSS7.7AI score0.70761EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/07/30 12:0 a.m.4 views

RockyLinux 9 : freetype (RLSA-2025:3407)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3407 advisory. freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 Tenable has extracted the...

8.1CVSS7.2AI score0.70761EPSS
Exploits0References3
OSV
OSVadded 2025/07/29 1:40 p.m.5 views

RLSA-2025:3407 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

8.1CVSS7.9AI score0.70761EPSS
Exploits0References2
OSV
OSVadded 2025/07/29 1:38 p.m.4 views

RLSA-2025:3421 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

8.1CVSS7.9AI score0.70761EPSS
Exploits0References2
AlmaLinux
AlmaLinuxadded 2025/06/20 12:0 a.m.69 views

Moderate: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools:A malicious actor with non-administrative...

6.1CVSS8.6AI score0.00326EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2025/05/28 8:3 a.m.8 views

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this...

8.1CVSS7AI score0.70761EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/05/27 3:16 p.m.11 views

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...

8.1CVSS7AI score0.70761EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/05/27 9:32 a.m.4 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

8.1CVSS7.7AI score0.70761EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2025/05/27 9:32 a.m.5 views

Important: Red Hat Security Advisory: mingw-freetype and spice-client-win security update

An update for mingw-freetype and spice-client-win is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.1CVSS7AI score0.70761EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/05/12 12:0 a.m.4 views

EulerOS 2.0 SP10 : freetype (EulerOS-SA-2025-1509)

According to the versions of the freetype package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font...

8.1CVSS7.2AI score0.70761EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalogadded 2025/05/06 12:0 a.m.28 views

FreeType Out-of-Bounds Write Vulnerability

FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution...

8.1CVSS7.9AI score0.70761EPSS
In wildExploits0
Tenable Nessus
Tenable Nessusadded 2025/04/05 12:0 a.m.23 views

RHEL 8 : freetype (RHSA-2025:3386)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3386 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...

8.1CVSS7.3AI score0.70761EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2025/04/05 12:0 a.m.24 views

RHEL 8 : freetype (RHSA-2025:3393)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3393 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...

8.1CVSS7.3AI score0.70761EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2025/04/05 12:0 a.m.42 views

RHEL 9 : freetype (RHSA-2025:3383)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3383 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...

8.1CVSS7.3AI score0.70761EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2025/04/01 12:0 a.m.134 views

RHEL 8 : freetype (RHSA-2025:3421)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3421 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...

8.1CVSS7.3AI score0.70761EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2025/03/31 6:0 p.m.27 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS7AI score0.70761EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/03/31 2:26 p.m.13 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS7AI score0.70761EPSS
Exploits0References2
Rows per page
Query Builder