
9564 matches found

RedHat Linux
added 2025/03/31 1:57 a.m. · 4 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 · AI score 7.7 · EPSS 0.70344
Exploits: 0 · References: 6

RedHat Linux
added 2025/03/31 1:54 a.m. · 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 · AI score 7.7 · EPSS 0.70344
Exploits: 0 · References: 6

RedHat Linux
added 2025/03/31 1:52 a.m. · 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 · AI score 7.7 · EPSS 0.70344
Exploits: 0 · References: 6

RedHat Linux
added 2025/03/31 1:49 a.m. · 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 · AI score 7.7 · EPSS 0.70344
Exploits: 0 · References: 6

RedHat Linux
added 2025/03/31 1:49 a.m. · 9 views

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

CVSS 8.1 · AI score 7 · EPSS 0.70344
Exploits: 0 · References: 2

RedHat Linux
added 2025/03/31 1:45 a.m. · 4 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 · AI score 7.7 · EPSS 0.70344
Exploits: 0 · References: 6

Positive Technologies
added 2025/03/31 12:0 a.m. · 2 views

PT-2025-13884 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: The issue allows an app to potentially modify protected parts of the file system due to insufficient validation of environment variables. Recommendations: For versions prior to 15.4, update to macOS...

CVSS 5.5 · AI score 6.1 · EPSS 0.00105
Exploits: 0 · References: 6

RedhatCVE
added 2025/03/28 6:50 p.m. · 6 views

CVE-2025-2600

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATEDPASSWORD variable even though not allowed by the "Allow password in variable policy". This issue affects Remote Desktop Manager versions from 2025.1.24...

CVSS 6.8 · AI score 6.7 · EPSS 0.00136
Exploits: 0 · References: 1

RedhatCVE
added 2025/03/27 11:44 p.m. · 8 views

CVE-2025-30222

Shescape is a simple shell escape library for JavaScript. Versions 1.7.2 through 2.1.1 are vulnerable to potential environment variable exposure on Windows with CMD. This impacts users of Shescape on Windows that explicitly configure shell: 'cmd.exe' or shell: true using any of...

CVSS 5.9 · AI score 6.7 · EPSS 0.00107
Exploits: 0 · References: 1

RedHat Linux
added 2025/03/27 5:51 p.m. · 2 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user-controlled environment variable into an internal buffer using the grub_strcpy function. During this step, it fails to consider the environment variable length...

CVSS 7.6 · AI score 8 · EPSS 0.00658
Exploits: 0 · References: 4

CVE
added 2025/03/27 4:43 p.m. · 71 views

CVE-2022-49752

CVE-2022-49752 concerns a node refcount leak in the Linux kernel function fwnode_graph_get_next_endpoint. The root cause is that the parent returned by _fwnode_graph_get_port_parent() is refcounted when a previous node is non-NULL and not released. The documented fix introduces a new variable to...

CVSS 5.5 · AI score 6.6 · EPSS 0.00076
Exploits: 0 · References: 4 · Affected Software: 1

CVE
added 2025/03/27 4:37 p.m. · 117 views

CVE-2023-52933

CVE-2023-52933 affects the Linux kernel Squashfs xattr_ids handling. Two overflow flaws were exposed by a corrupted filesystem: on 64‑bit systems, sign extension of xattr_ids when multiplied by sizeof(struct squashfs_xattr_id) can overflow and yield an incorrect len; on 32‑bit systems, the unsign...

CVSS 5.5 · AI score 7 · EPSS 0.00009
Exploits: 0 · References: 7 · Affected Software: 1

OSV
added 2025/03/27 4:37 p.m. · 9 views

CVE-2023-52933 Squashfs: fix handling and sanity checking of xattr_ids count

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattr_ids count in the filesystem. Both of these flaws cause computation...

CVSS 5.5 · AI score 5.6 · EPSS 0.00009
Exploits: 0 · References: 10

Vulnrichment
added 2025/03/27 2:49 p.m. · 11 views

CVE-2025-30358 Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks

Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to...

CVSS 8.1 · AI score 8.3 · EPSS 0.02361
Exploits: 0 · References: 2

OSV
added 2025/03/27 2:49 p.m. · 3 views

CVE-2025-30358 Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks

Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to...

CVSS 8.1 · AI score 7.5 · EPSS 0.02361
Exploits: 0 · References: 4

OpenVAS
added 2025/03/27 12:0 a.m. · 15 views

SUSE: Security Advisory (SUSE-SU-2025:0998-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 · AI score 7.5 · EPSS 0.70344
Exploits: 0 · References: 6

Github Security Blog
added 2025/03/26 2:54 p.m. · 8 views

Shescape has potential environment variable exposure on Windows with CMD

Impact: This impacts users of Shescape on Windows that explicitly configure shell: 'cmd.exe' or shell: true using any of quote/quoteAll/escape/escapeAll. An attacker may be able to get read-only access to environment variables. Example (javascript): import * as cp from "node:child_process"; import...

CVSS 5.9 · AI score 7 · EPSS 0.00107
Exploits: 0 · References: 6 · Affected Software: 1

OSV
added 2025/03/26 2:54 p.m. · 4 views

GHSA-66PP-5P9W-Q87J Shescape has potential environment variable exposure on Windows with CMD

Impact: This impacts users of Shescape on Windows that explicitly configure shell: 'cmd.exe' or shell: true using any of quote/quoteAll/escape/escapeAll. An attacker may be able to get read-only access to environment variables. Example (javascript): import * as cp from "node:child_process"; import...

CVSS 5.9 · AI score 6.3 · EPSS 0.00107
Exploits: 0 · References: 6

Positive Technologies
added 2025/03/26 12:0 a.m. · 3 views

PT-2025-12986 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2024.3.29 and earlier Devolutions Remote Desktop Manager versions 2025.1.24 through 2025.1.25 Description: The issue is related to improper authorization in the variable component, allowing an...

CVSS 6.8 · AI score 6.5 · EPSS 0.00136
Exploits: 0 · References: 6

NVD
added 2025/03/25 11:15 p.m. · 13 views

CVE-2025-30222

Shescape is a simple shell escape library for JavaScript. Versions 1.7.2 through 2.1.1 are vulnerable to potential environment variable exposure on Windows with CMD. This impacts users of Shescape on Windows that explicitly configure shell: 'cmd.exe' or shell: true using any of...

CVSS 5.9 · EPSS 0.00107
Exploits: 0 · References: 4