Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freetype vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-6942
An issue exists in FreeType 2 up to and including 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 17.10
4.3
CVSSv2
CVE-2017-14989
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows malicious users to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
Imagemagick Imagemagick 7.0.7-4
7.5
CVSSv2
CVE-2017-8287
FreeType 2 prior to 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
Freetype Freetype
7.5
CVSSv2
CVE-2017-8105
FreeType 2 prior to 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
Freetype Freetype
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2016-10328
FreeType 2 prior to 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
Freetype Freetype
Oracle Outside In Technology 8.5.4
7.5
CVSSv2
CVE-2017-7864
FreeType 2 prior to 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
Freetype Freetype
7.5
CVSSv2
CVE-2017-7857
FreeType 2 prior to 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
7.5
CVSSv2
CVE-2017-7858
FreeType 2 prior to 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
6.8
CVSSv2
CVE-2016-10244
The parse_charstrings function in type1/t1load.c in FreeType 2 prior to 2.7 does not ensure that a font contains a glyph name, which allows remote malicious users to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted fi...
Freetype Freetype
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2014-9746
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType prior to 2.5.4 do not check return values, wh...
Freetype Freetype
Debian Debian Linux 8.0
Debian Debian Linux 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »