31 matches found
CVE-2024-25082
FontForge (through 20230101) is affected by CVE-2024-25081 and CVE-2024-25082, allowing shell command injection via specially crafted filenames or archives/compressed files. Public advisories from Debian (DSA-5641-1), AlmaLinux (ALSA-2024-2495 / ALSA-2024-565), and Amazon Linux (ALAS2024-2495 / A...
CVE-2024-25081
FontForge (fontforge) is affected by CVE-2024-25081: command injection via crafted filenames in Splinefont up to version 20230101. Connected advisories confirm the issue also for crafted archives/compressed files (CVE-2024-25082) and indicate patches released in multiple distributions (e.g., Debi...
CVE-2020-5395
FontForge 20190801 contains a use-after-free in SFD_GetFontMetaData() (sfd.c). Affected component: FontForge font editor. Root cause: use-after-free in SFD_GetFontMetaData(). Reported across multiple distributions with remediations: Debian LTS backported fixes to fontforge packages; Red Hat/CentO...
CVE-2020-5496
FontForge 20190801 is affected by a heap-based buffer overflow in Type2NotDefSplines() (splinesave.c) linked to CVE-2020-5496. Connected advisories confirm the issue across multiple distros, e.g., openSUSE openSUSE-2020:89, Debian DLA-3754-1, SUSE-SU-2020:0118-1, Mageia MGASA-2020-0057, and Gento...
CVE-2020-25690
FontForge is affected by CVE-2020-25690 due to an out-of-bounds write in SFD parsing (specifically LayerCount tokens) that can manipulate heap memory, causing a crash or arbitrary code execution. Affected: FontForge versions before 20200314. Root cause: parsing SFD data grants heap memory misuse....
CVE-2017-11576
CVE-2017-11576 affects FontForge (min. FontForge 20161012). The root cause is a check failure in a weight vector memcpy in readcfftopdict (parsettf.c), which can lead to a denial of service or recovery via a crafted OpenType font file. Public sources in connected documents confirm the vulnerabili...
CVE-2017-11568
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c), exposing the system to DoS or potential arbitrary code execution via a crafted OpenType font. Public advisories (e.g., SUSE MGASA-2018-0037 and Mageia MGASA-2018-0037) document a fontforge updat...
CVE-2017-11572
CVE-2017-11572 : FontForge 20161012 has a heap-based buffer over-read in readcfftopdicts (parsettf.c) that can lead to DoS or arbitrary code execution via a crafted OpenType font. Multiple connected advisories confirm this issue and document fixes in newer FontForge packages (e.g., updated to 201...
CVE-2017-11575
FontForge 20161012 is affected by CVE-2017-11575: a buffer over-read in strnmatch (char.c) can trigger DoS or code execution via a crafted OpenType font, linked to readttfcopyrights in parsettf.c. Multiple advisories confirm the issue and document fixes in later FontForge releases (e.g., updates ...
CVE-2017-11574
FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) triggered by a crafted OpenType font, leading to DoS or code execution. Public sources in connected documents show a fixed update (fontforge 20170731 per OSV SUSE-SU-2019:2236-1) and Mageia/Mageia advisori...
CVE-2017-11571
FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) that can cause DoS or code execution via a crafted OpenType font. Affected component: FontForge parser for TrueType/OpenType data. Root cause: stack-based overflow in addnibble when processing font data. I...
CVE-2017-11569
CVE-2017-11569 affects FontForge 20161012, with a heap-based buffer over-read in readttfcopyrights (parsettf.c) that can lead to DoS or code execution via a crafted OpenType font. Multiple linked advisories note the issue and document fixes in later releases (e.g., Mageia MGASA-2018-0037 and SUSE...
CVE-2017-11577
FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) that can lead to DoS or code execution via a crafted OpenType font (OTF). Exploitation details are described in the CVE-2017-11577 entry, and multiple sources indicate a fix in fontforge updates (e.g., SUSE and Mageia a...
CVE-2017-17521
CVE-2017-17521 concerns FontForge’s uiutil.c: it does not validate strings before launching the program specified by the BROWSER environment variable, enabling potential argument-injection via a crafted URL. Public mappings show affected products (FontForge) and fixes in vendor advisories: SUSE-S...
CVE-2017-11570
FontForge 20161012 is affected by a buffer over-read in umodenc (parsettf.c) that can lead to DoS or code execution when processing a crafted otf file. Root cause: buffer over-read in font parsing of TrueType/OpenType glyph data. Impact is dependent on attacker-controlled font files; in the publi...
CVE-2019-15785
CVE-2019-15785 – FontForge : Affected software is FontForge 20190813–20190820. The vulnerability is a buffer overflow in PrefsUI_LoadPrefs (prefs.c) caused by improper handling of data. This could enable code execution or other impact as described in public advisories; CVSS metrics indicate HIGH ...
CVE-2017-11573
FontForge 20161012 is affected by a buffer over-read in ValidatePostScriptFontName (parsettf.c), allowing DoS or code execution via a crafted OTF file. Multiple sources (NVD, Red Hat, SUSE, OSV references) confirm the issue (CVE-2017-11573). SUSE OSV notes a patch/update to 20170731 addressing th...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow (CVE-2025-15279) is a remote code execution vulnerability in FontForge. The flaw arises when parsing BMP pixel data and copying unvalidated user-supplied length to a heap buffer, allowing arbitrary code execution in the attacker’s conte...
CVE-2025-15270
FontForge SFD File Parsing vulnerabilities (CVE-2025-15270) arise from improper validation of data while parsing SFD files, causing out-of-bounds writes and remote code execution. The connected Mageia advisory confirms a FontForge fix in updated packages; other sources describe the same issue and...
CVE-2025-15269
FontForge vulnerability CVE-2025-15269 is a Use-After-Free in SFD file parsing that enables remote code execution. The flaw stems from not validating the existence of an object before operations, allowing an attacker to run code in the user’s context after the target opens a crafted SFD file/page...
CVE-2025-15271
FontForge (SFD file parser) is affected by CVE-2025-15271 due to improper validation of array indices, causing a write past the end of an allocated array. The flaw enables remote code execution with user interaction (the target must open a malicious SFD or visit a crafted page). The vulnerability...
CVE-2025-50949
Summary: CVE-2025-50949 affects FontForge v20230101, with a memory leak in DlgCreate8. The issue is documented across multiple advisories (SUSE/OpenSUSE SUSE-SU-2025:4353-1, SUSE-SU-2026:20016-1; OpenVAS entries; Amazon Linux ALAS2023-2025-1262 and ALAS2-2025-3063; TencentOS/TSSA-2025:0855), indi...
CVE-2025-15275
FontForge SFD File Parsing Heap-based Buffer Overflow (CVE-2025-15275) affects FontForge and enables remote code execution. The flaw occurs in the SFD parser, where the length of user-supplied data is not properly validated before copying to a heap-based buffer, allowing an attacker to run arbitr...
CVE-2025-15278
CVE-2025-15278 concerns FontForge GUtils XBM file parsing. The flaw is an integer overflow during parsing of pixels in XBM files, caused by inadequate validation of user-supplied data, which leads to an out-of-bounds buffer allocation and allows remote code execution in the affected process. The ...
CVE-2025-15274
FontForge (SFD file parsing) has a heap-based buffer overflow vulnerability that allows remote code execution. The flaw stems from improper validation of the length of user-supplied data before copying it into a heap buffer, enabling an attacker to run code in the caller’s context. Exploitation r...
CVE-2025-15273
CVE-2025-15273 concerns FontForge’s PFB file parsing. The issue is a stack-based buffer overflow caused by insufficient validation of the length of user-supplied data before copying to a fixed-size stack buffer, enabling remote code execution. It requires user interaction (target visits a malicio...
CVE-2025-15276
CVE-2025-15276 affects FontForge through a flaw in parsing SFD files that enables deserialization of untrusted data, leading to remote code execution. The issue arises from insufficient validation during SFD parsing, allowing an attacker to run code in the target’s process. Exploitation requires ...
CVE-2025-15277
CVE-2025-15277 affects FontForge’s GUtils SGI file parsing. The vulnerability is a heap-based buffer overflow in the SGI scanline parsing path caused by insufficient validation of the length of user-supplied data, enabling remote code execution in the context of the current process. Exploitation ...
CVE-2025-15272
CVE-2025-15272 affects FontForge via a heap-based buffer overflow in SFD file parsing. The flaw stems from insufficient validation of the length of user-supplied data before copying into a heap buffer, enabling remote code execution in the context of the current user. Exploitation requires user i...
CVE-2025-15280
CVE-2025-15280 describes a use-after-free in FontForge’s SFD file parsing. The flaw arises from not validating the existence of an object before performing operations during SFD parsing, enabling remote code execution in the context of the current user. Attacks require user interaction (target vi...
CVE-2025-50951
CVE-2025-50951 affects FontForge v20230101, with a memory leak in the utf7toutf8_copy function located in fontforge/sfd.c. The issue is documented with a memory-leak root cause; no exploitation details are provided in the connected documents. Impact is described via the CVSS base metrics as Avail...