Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freetype freetype vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-7864
FreeType 2 prior to 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
Freetype Freetype
NA
CVE-2007-2754
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and previous versions might allow remote malicious users to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
Freetype Freetype
9.8
CVSSv3
CVE-2017-7857
FreeType 2 prior to 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
6.5
CVSSv3
CVE-2018-6942
An issue exists in FreeType 2 up to and including 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 17.10
7.8
CVSSv3
CVE-2016-10244
The parse_charstrings function in type1/t1load.c in FreeType 2 prior to 2.7 does not ensure that a font contains a glyph name, which allows remote malicious users to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted fi...
Freetype Freetype
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-8105
FreeType 2 prior to 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
Freetype Freetype
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2015-9381
FreeType prior to 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
Freetype Freetype
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2015-9382
FreeType prior to 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
Freetype Freetype
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2016-10328
FreeType 2 prior to 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
Freetype Freetype
Oracle Outside In Technology 8.5.4
NA
CVE-2010-2497
Integer underflow in glyph handling in FreeType prior to 2.4.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Apple Mac Os X
Debian Debian Linux 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »