9565 matches found
CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
ALPINE-CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
DEBIAN-CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
AZL-58354 CVE-2025-27363 affecting package freetype for versions less than 2.13.1-1
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
UBUNTU-CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
CVE-2024-56182
A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC Field PG M6 All versions V26.01.12, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
PT-2025-27975
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an integer underflow that can occur when a device sends a specific input, leading to MMIO write access to an invalid page in the i40e clear hw function. This is...
CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
FreeType 缓冲区错误漏洞
FreeType is an open source font rendering library from FreeType Open Source. A buffer error vulnerability exists in FreeType version 2.13.0 and prior versions, which stems from an out-of-bounds write when parsing TrueType GX and variable font files, and could lead to the execution of arbitrary co...
VulnCheck KEV: CVE-2025-27363
FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution...
CVE-2024-12604
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025...
CVE-2024-12604
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse. This issue affects Tap&Sign App: before V.1.025...
X.Org: Xwayland: Use-after-free of the root cursor
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free...
Security update for python
This update for python fixes the following issues: Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
(0Day) Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
CVE-2025-2024
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visi...
CVE-2025-2024
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visi...
CVE-2025-2024 Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visi...