Vulmon
freetype vulnerabilities and exploits
7.5
CVSSv2
CVE-2015-9290
In FreeType prior to 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
Freetype Freetype
7.5
CVSSv2
CVE-2017-7858
FreeType 2 prior to 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
7.5
CVSSv2
CVE-2007-3506
The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...
Freetype Freetype
4.3
CVSSv2
CVE-2018-6942
An issue exists in FreeType 2 up to and including 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 17.10
7.5
CVSSv2
CVE-2017-8105
FreeType 2 prior to 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
Freetype Freetype
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2015-9381
FreeType prior to 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
Freetype Freetype
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2015-9382
FreeType prior to 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
Freetype Freetype
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2016-10244
The parse_charstrings function in type1/t1load.c in FreeType 2 prior to 2.7 does not ensure that a font contains a glyph name, which allows remote malicious users to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted fi...
Freetype Freetype
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2016-10328
FreeType 2 prior to 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
Freetype Freetype
Oracle Outside In Technology 8.5.4
6.8
CVSSv2
CVE-2010-2497
Integer underflow in glyph handling in FreeType prior to 2.4.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Apple Mac Os X
Debian Debian Linux 5.0