Vulmon
font project font vulnerabilities and exploits
5.8
CVSSv2
CVE-2021-24977
The Use Any Font | Custom Font Uploader WordPress plugin prior to 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to send arbitrary CSS which will then be processed by the frontend for all users. Due to the lack of sanitisation a...
Use Any Font Project Use Any Font
10
CVSSv2
CVE-2004-0083
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 up to and including 4.3.0 allows local users and remote malicious users to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
7.5
CVSSv2
CVE-2002-1317
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
Sgi Irix 6.5.6
Xfree86 Project X11r6 3.3.4
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.12
Sgi Irix 6.5.9
Xfree86 Project X11r6 3.3
Sgi Irix 6.5.3
Sgi Irix 6.5.8
Sgi Irix 6.5.5
Xfree86 Project X11r6 3.3.2
Sgi Irix 6.5.4
Xfree86 Project X11r6 3.3.5
Sgi Irix 6.5.11
Sgi Irix 6.5.2
Sgi Irix 6.5
Sgi Irix 6.5.7
Xfree86 Project X11r6 3.3.3
Sgi Irix 6.5.13
Hp Hp-ux 11.11
Sun Solaris 2.5.1
Hp Hp-ux 11.04
1 EDB exploit
NA
CVE-2022-41343
registerFont in FontMetrics.php in Dompdf prior to 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.
Dompdf Project Dompdf
3 Github repositories
8.5
CVSSv2
CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont prior to 20070403 and (2) freetype 2.3.2 and previous versions allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Xfree86 Project X11r6 4.3.0.2
Xfree86 Project X11r6 4.3.0
X.org Libxfont 1.2.2
Xfree86 Project X11r6 4.3.0.1
Rpath Rpath Linux 1
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 4.0
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
Mandrakesoft Mandrake Multi Network Firewall 2.0
10
CVSSv2
CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CV...
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
4.3
CVSSv2
CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions >=1.05 allows a malicious user to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components.
Pcf2bdf Project Pcf2bdf 1.04
Pcf2bdf Project Pcf2bdf 1.05
5.8
CVSSv2
CVE-2022-23318
A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows a malicious user to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent imp...
Pcf2bdf Project Pcf2bdf 1.04
Pcf2bdf Project Pcf2bdf 1.05
7.2
CVSSv2
CVE-2004-0106
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
4.3
CVSSv2
CVE-2021-39542
An issue exists in pdftools up to and including 20200714. A NULL pointer dereference exists in the function Font::Size() located in font.cpp. It allows a malicious user to cause Denial of Service.
Pdftools Project Pdftools