freetype vulnerabilities and exploits

CVE-2006-0747
Score: NA
Integer underflow in Freetype prior to 2.2 allows remote malicious users to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
Freetype Freetype
1 EDB exploit

CVE-2017-8287
CVSSv3: 9.8
FreeType 2 prior to 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
Freetype Freetype

CVE-2015-9290
CVSSv3: 9.8
In FreeType prior to 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
Freetype Freetype

CVE-2015-9382
CVSSv3: 6.5
FreeType prior to 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
Freetype Freetype
Debian Debian Linux 8.0

CVE-2018-6942
CVSSv3: 6.5
An issue exists in FreeType 2 up to and including 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 17.10

CVE-2016-10244
CVSSv3: 7.8
The parse_charstrings function in type1/t1load.c in FreeType 2 prior to 2.7 does not ensure that a font contains a glyph name, which allows remote malicious users to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted fi...
Freetype Freetype
Debian Debian Linux 8.0

CVE-2015-9381
CVSSv3: 8.8
FreeType prior to 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
Freetype Freetype
Debian Debian Linux 8.0

CVE-2017-8105
CVSSv3: 9.8
FreeType 2 prior to 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
Freetype Freetype
Debian Debian Linux 8.0

CVE-2016-10328
CVSSv3: 9.8
FreeType 2 prior to 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
Freetype Freetype
Oracle Outside In Technology 8.5.4

CVE-2010-2497
Score: NA
Integer underflow in glyph handling in FreeType prior to 2.4.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Apple Mac Os X
Debian Debian Linux 5.0