Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
graphite2 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2017-7771
Out-of-bounds read in Graphite2 Library in Firefox prior to 54 in graphite2::Pass::readPass function.
Mozilla Firefox
Sil Graphite2
6.8
CVSSv2
CVE-2017-7773
Heap-based Buffer Overflow write in Graphite2 library in Firefox prior to 54 in lz4::decompress src/Decompressor.
Mozilla Firefox
Sil Graphite2
6.4
CVSSv2
CVE-2017-7774
Out-of-bounds read in Graphite2 Library in Firefox prior to 54 in graphite2::Silf::readGraphite function.
Mozilla Firefox
Sil Graphite2
5.8
CVSSv2
CVE-2017-7776
Heap-based Buffer Overflow read in Graphite2 library in Firefox prior to 54 in graphite2::Silf::getClassGlyph.
Sil Graphite2
Mozilla Firefox
6.8
CVSSv2
CVE-2017-7777
Use of uninitialized memory in Graphite2 library in Firefox prior to 54 in graphite2::GlyphCache::Loader::read_glyph function.
Sil Graphite2
Mozilla Firefox
NA
CVE-2017-7775
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
6.8
CVSSv2
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox prior to 54 in lz4::decompress function.
Mozilla Firefox
Sil Graphite2
6.8
CVSSv2
CVE-2018-7999
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow malicious users to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file.
Sil Graphite2 1.3.11
6.8
CVSSv2
CVE-2016-1969
The setAttr function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.6.1, allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smar...
Sil Graphite2
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
6.8
CVSSv2
CVE-2016-2790
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, does not initialize memory for an unspecified data structure, which allows remote malicious users to cause a denial of service ...
Suse Linux Enterprise 12.0
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Sil Graphite2
Oracle Linux 5.0
Oracle Linux 6
Oracle Linux 7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »