
13 matches found

Snyk
added 2025/11/30 1:14 p.m. · 1 views

Malicious Package

Overview: tailwindcss-web-font-awesome is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of...

9.8 CVSS · 7.2 AI score
Exploits 0 · References 3

Positive Technologies
added 2022/08/29 12:0 a.m. · 4 views

PT-2022-14895 · Unknown · Font-Converter

Name of the Vulnerable Software and Affected Versions: font-converter versions all
Description: The issue is related to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec function. This affects a FontForge wrapper used for conversio...

9.8 CVSS · 9.8 AI score · 0.0264 EPSS
Exploits 1 · References 7

CNVD
added 2016/07/22 12:0 a.m. · 1 views

360 Security Browser Exploits Homologation Policy Bypass Vulnerability

360 Security Browser is a browser based on the dual kernel of IE and Chrome launched by 360 Security Center, a product of cooperation between Window of the World developer Phoenix Studio and 360 Security Center. A same-origin policy bypass vulnerability exists in 360 Security...

6.8 AI score
Exploits 0 · References 1

OSV
added 2015/02/08 11:59 a.m. · 1 views

DEBIAN-CVE-2014-9668

The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via ...

7.5 CVSS · 7.8 AI score · 0.02246 EPSS
Exploits 1 · References 1

OSV
added 2015/02/08 12:0 a.m. · 0 views

UBUNTU-CVE-2014-9668

The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via ...

7.5 CVSS · 7.2 AI score · 0.02246 EPSS
Exploits 1 · References 3

Tenable Nessus
added 2012/04/27 12:0 a.m. · 133 views

Mozilla Thunderbird < 12.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 12.0 and thus is potentially affected by the following security issues:
- An error exists with handling JavaScript errors that could lead to information disclosure. (CVE-2011-1187)
- An off-by-one error exists in the 'OpenType Sanitizer' that...

10 CVSS · 8.8 AI score · 0.17081 EPSS
Exploits 3 · References 27

ThreatPost
added 2009/10/28 4:22 p.m. · 13 views

Code Execution Bug Bites Opera Browser

On the same day Mozilla shipped a Firefox update to fix multiple critical vulnerabilities, Opera dropped a major patch to fix three documented flaws, including a memory corruption issue that exposes users to code execution attacks. Here are the raw details: Advisory 1: Specially crafted domain...

0.9 AI score
Exploits 0 · References 6

Tenable Nessus
added 2009/10/28 12:0 a.m. · 15 views

Opera < 10.01 Multiple Vulnerabilities

Binary data 5217.prm...

9.3 CVSS · 7.3 AI score · 0.0734 EPSS
Exploits 1 · References 7

Prion
added 2006/01/10 10:3 p.m. · 23 views

Heap overflow

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the...

9.3 CVSS · 8.2 AI score · 0.49817 EPSS
Exploits 0 · References 22 · Affected Software 2

NVD
added 2006/01/10 10:3 p.m. · 15 views

CVE-2006-0010

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the...

9.3 CVSS · 7.7 AI score · 0.49817 EPSS
Exploits 0 · References 22

Cvelist
added 2006/01/10 10:0 p.m. · 20 views

CVE-2006-0010

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the...

7.7 AI score · 0.49817 EPSS
Exploits 0 · References 22

CVE
added 2006/01/10 10:0 p.m. · 130 views

CVE-2006-0010

CVE-2006-0010 describes a heap-based buffer overflow in T2EMBED.DLL on Windows platforms (Windows 98/ME, Windows 2000 SP4, Windows XP SP1/SP2, Windows Server 2003 up to SP1). The overflow is triggered while Windows decompresses Embedded Open Type (EOT) fonts referenced by web pages or email, allo...

9.3 CVSS · 7.7 AI score · 0.49817 EPSS
Exploits 0 · References 22 · Affected Software 7

Symantec
added 2006/01/10 12:0 a.m. · 19 views

Microsoft Windows Embedded Web Font Buffer Overflow Vulnerability

Description: Microsoft Windows is susceptible to a remotely exploitable buffer-overflow vulnerability. This issue is due to the software's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute...

0.6 AI score
Exploits 0 · References 7 · Affected Software 10