Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

various vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2

CVE-2014-9670

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType prior to 2.5.4 allow remote malicious users to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies neg...
Debian Debian Linux 7.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2Fedoraproject Fedora 20Fedoraproject Fedora 21Oracle Solaris 10.0Oracle Solaris 11.2Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6Redhat Enterprise Linux Hpc Node 7.0Redhat Enterprise Linux Hpc Node Eus 7.1
10
CVSSv2

CVE-2003-0240

The web-based administration capability for various Axis Network Camera products allows remote malicious users to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Axis 2100 Network CameraAxis 2110 Network CameraAxis 2120 Network CameraAxis 2130 Ptz Network CameraAxis 2400 Video ServerAxis 2401 Video ServerAxis 2420 Network CameraAxis 2460 Network DvrAxis 250s Video Server
4.3
CVSSv2

CVE-2014-9671

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType prior to 2.5.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incre...
Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6Redhat Enterprise Linux Hpc Node 7.0Redhat Enterprise Linux Hpc Node Eus 7.1Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server Eus 6.6.zRedhat Enterprise Linux Server Eus 7.1Redhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Workstation 7.0Debian Debian Linux 7.0
6.8
CVSSv2

CVE-2014-9673

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType prior to 2.5.4 allows remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Debian Debian Linux 7.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6.0Redhat Enterprise Linux Hpc Node 7.0Redhat Enterprise Linux Hpc Node Eus 7.1Redhat Enterprise Linux Server 6.0
5
CVSSv2

CVE-2014-9675

bdf/bdflib.c in FreeType prior to 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote malicious users to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Freetype FreetypeDebian Debian Linux 7.0Fedoraproject Fedora 20Fedoraproject Fedora 21Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6.0
7.5
CVSSv2

CVE-2014-9657

The tt_face_load_hdmx function in truetype/ttpload.c in FreeType prior to 2.5.4 does not establish a minimum record size, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
Opensuse Opensuse 13.1Opensuse Opensuse 13.2Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6.0Redhat Enterprise Linux Hpc Node 7.0Redhat Enterprise Linux Hpc Node Eus 7.1Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server Eus 6.6.zRedhat Enterprise Linux Server Eus 7.1Redhat Enterprise Linux Workstation 6.0
7.5
CVSSv2

CVE-2014-9658

The tt_face_load_kern function in sfnt/ttkern.c in FreeType prior to 2.5.4 enforces an incorrect minimum table length, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
Oracle Solaris 10.0Oracle Solaris 11.2Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Fedoraproject Fedora 20Fedoraproject Fedora 21Freetype FreetypeDebian Debian Linux 7.0Opensuse Opensuse 13.1
7.5
CVSSv2

CVE-2014-9663

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType prior to 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified ...
Freetype FreetypeDebian Debian Linux 7.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2Fedoraproject Fedora 20Fedoraproject Fedora 21Oracle Solaris 10.0Oracle Solaris 11.2Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10
6.8
CVSSv2

CVE-2014-9664

FreeType prior to 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c a...
Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Hpc Node 6Redhat Enterprise Linux Hpc Node 7.0Redhat Enterprise Linux Hpc Node Eus 7.1Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server Eus 6.6.zRedhat Enterprise Linux Server Eus 7.1Redhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Workstation 7.0Debian Debian Linux 7.0
6.8
CVSSv2

CVE-2014-9667

sfnt/ttload.c in FreeType prior to 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote malicious users to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFN...
Debian Debian Linux 7.0Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Fedoraproject Fedora 20Fedoraproject Fedora 21Freetype FreetypeOpensuse Opensuse 13.1Opensuse Opensuse 13.2Redhat Enterprise Linux Desktop 6.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-46485cross-site scriptingCVE-2025-34028sherpaCVE-2025-46506cross-site request forgerycovid-19 (coronavirus) update your customerscameraCVE-2025-46489availability calendarbas mattheeCVE-2025-46502CVE-2025-32433
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook