Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

various vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2

CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType prior to 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote malicious users to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted...
Oracle Solaris 10.0Oracle Solaris 11.2Freetype FreetypeFedoraproject Fedora 20Fedoraproject Fedora 21Opensuse Opensuse 13.1Opensuse Opensuse 13.2Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04
7.5
CVSSv2

CVE-2014-9662

cff/cf2ft.c in FreeType prior to 2.5.4 does not validate the return values of point-allocation functions, which allows remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
Opensuse Opensuse 13.1Opensuse Opensuse 13.2Debian Debian Linux 7.0Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Fedoraproject Fedora 20Fedoraproject Fedora 21Freetype Freetype
7.5
CVSSv2

CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType prior to 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote malicious users to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other i...
Fedoraproject Fedora 20Fedoraproject Fedora 21Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.10Freetype FreetypeOpensuse Opensuse 13.1Opensuse Opensuse 13.2
7.5
CVSSv2

CVE-2014-9668

The woff_open_font function in sfnt/sfobjs.c in FreeType prior to 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote malicious users to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have ...
Opensuse Opensuse 13.1Opensuse Opensuse 13.2Fedoraproject Fedora 20Fedoraproject Fedora 21Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Freetype Freetype
6.1
CVSSv3

CVE-2023-50378

Lack of proper input validation and constraint enforcement in Apache Ambari before 2.7.8 Impact : As it will be stored XSS, Could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads. Users are recommended t...
3.3
CVSSv3

CVE-2020-2517

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Procedure, Create Database Lin...
Oracle Database Server 11.2.0.4Oracle Database Server 12.1.0.2Oracle Database Server 12.2.0.1Oracle Database Server 18cOracle Database Server 19c
7.8
CVSSv3

CVE-2023-49343

Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to pr...
Ubuntubudgie Budgie Extras
7.8
CVSSv3

CVE-2023-49346

Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file ...
Ubuntubudgie Budgie Extras
7.5
CVSSv2

CVE-2014-9674

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType prior to 2.5.4 proceeds with adding to length values without validating the original values, which allows remote malicious users to cause a denial of service (integer overflow and heap-based buffer overflow) or poss...
Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Oracle Solaris 10.0Oracle Solaris 11.2Fedoraproject Fedora 20Fedoraproject Fedora 21Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6.0
5
CVSSv2

CVE-2006-0347

Directory traversal vulnerability in ELOG prior to 2.6.1 allows remote malicious users to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL.
Stefan Ritt Elog Web Logbook 2.0.0Stefan Ritt Elog Web Logbook 2.0.1Stefan Ritt Elog Web Logbook 2.0.2Stefan Ritt Elog Web Logbook 2.0.3Stefan Ritt Elog Web Logbook 2.0.4Stefan Ritt Elog Web Logbook 2.0.5Stefan Ritt Elog Web Logbook 2.1.0Stefan Ritt Elog Web Logbook 2.1.1Stefan Ritt Elog Web Logbook 2.1.2Stefan Ritt Elog Web Logbook 2.1.3Stefan Ritt Elog Web Logbook 2.2.0Stefan Ritt Elog Web Logbook 2.2.1
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
directory listings wordpress plugin – ulistingpostquantum-feldman-vssmatioCVE-2025-20115CVE-2025-2025HTML injectionSSTICVE-2025-2310CVE-2025-27363CVE-2025-2343logicaldoc enterpriseCVE-2025-2163dos
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook