Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freetype vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2015-9290
In FreeType prior to 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
Freetype Freetype
668
VMScore
CVE-2017-8287
FreeType 2 prior to 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
Freetype Freetype
668
VMScore
CVE-2017-8105
FreeType 2 prior to 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
Freetype Freetype
Debian Debian Linux 8.0
668
VMScore
CVE-2017-7858
FreeType 2 prior to 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
668
VMScore
CVE-2016-10328
FreeType 2 prior to 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
Freetype Freetype
Oracle Outside In Technology 8.5.4
668
VMScore
CVE-2017-7857
FreeType 2 prior to 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
668
VMScore
CVE-2017-7864
FreeType 2 prior to 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
Freetype Freetype
668
VMScore
CVE-2014-9746
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType prior to 2.5.4 do not check return values, wh...
Freetype Freetype
Debian Debian Linux 8.0
Debian Debian Linux 7.0
668
VMScore
CVE-2014-9659
cff/cf2intrp.c in the CFF CharString interpreter in FreeType prior to 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote malicious users to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted...
Oracle Solaris 10.0
Oracle Solaris 11.2
Freetype Freetype
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
668
VMScore
CVE-2014-9662
cff/cf2ft.c in FreeType prior to 2.5.4 does not validate the return values of point-allocation functions, which allows remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Freetype Freetype
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »