Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
font project font vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-25442
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marcel Pol Zeno Font Resizer plugin <= 1.7.9 versions.
Zeno Font Resizer Project Zeno Font Resizer
NA
CVE-2004-0083
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 up to and including 4.3.0 allows local users and remote malicious users to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
NA
CVE-2002-1317
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
Xfree86 Project X11r6 3.3.4
Xfree86 Project X11r6 3.3.5
Sgi Irix 6.5.2
Sgi Irix 6.5.3
Xfree86 Project X11r6 3.3
Sgi Irix 6.5.10
Sgi Irix 6.5.11
Sgi Irix 6.5.6
Sgi Irix 6.5.7
Sgi Irix 6.5.8
Xfree86 Project X11r6 3.3.2
Xfree86 Project X11r6 3.3.3
Sgi Irix 6.5.12
Sgi Irix 6.5.13
Sgi Irix 6.5.9
Sgi Irix 6.5
Sgi Irix 6.5.1
Sgi Irix 6.5.4
Sgi Irix 6.5.5
Hp Hp-ux 10.10
Hp Hp-ux 10.20
Sun Solaris 2.5.1
1 EDB exploit
7.5
CVSSv3
CVE-2022-41343
registerFont in FontMetrics.php in Dompdf prior to 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.
Dompdf Project Dompdf
3 Github repositories
NA
CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont prior to 20070403 and (2) freetype 2.3.2 and previous versions allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Ubuntu Ubuntu Linux 6.06 Lts
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.10
X.org Libxfont 1.2.2
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.3.0.1
Xfree86 Project X11r6 4.3.0.2
Rpath Rpath Linux 1
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux 5.0
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
Mandrakesoft Mandrake Multi Network Firewall 2.0
NA
CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CV...
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.0
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
5.5
CVSSv3
CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions >=1.05 allows an malicious user to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components.
Pcf2bdf Project Pcf2bdf 1.04
Pcf2bdf Project Pcf2bdf 1.05
7.1
CVSSv3
CVE-2022-23318
A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an malicious user to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent imp...
Pcf2bdf Project Pcf2bdf 1.04
Pcf2bdf Project Pcf2bdf 1.05
NA
CVE-2004-0106
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
5.5
CVSSv3
CVE-2021-39542
An issue exists in pdftools up to and including 20200714. A NULL pointer dereference exists in the function Font::Size() located in font.cpp. It allows an malicious user to cause Denial of Service.
Pdftools Project Pdftools
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »