CVE-2022-27404 – FreeType: Buffer overflow in sfnt_init_face
https://notcve.org/view.php?id=CVE-2022-27404
22 Apr 2022 — FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. A heap buffer overflow flaw was found in FreeType’s sfnt_init_face() function in the sfobjs.c file. The vulnerability occurs when creating a face with a strange file and invalid index. This flaw allows a... • https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138 • CWE-787: Out-of-bounds Write
CVE-2022-27405 – FreeType: Segmentation violation via FNT_Size_Request
https://notcve.org/view.php?id=CVE-2022-27405
22 Apr 2022 — FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. A segmentation fault was found in the FreeType library. This flaw allows an attacker to attempt access to a memory location in a way that could cause an application to halt or crash, leading to a denial of ... • http://freetype.com • CWE-125: Out-of-bounds Read; CWE-824: Access of Uninitialized Pointer
CVE-2022-27406 – FreeType: Segmentation violation via FT_Request_Size
https://notcve.org/view.php?id=CVE-2022-27406
22 Apr 2022 — FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. A segmentation fault was found in FreeType’s FT_Request_Size() function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash... • http://freetype.com • CWE-125: Out-of-bounds Read; CWE-824: Access of Uninitialized Pointer
CVE-2020-15999 – Google Chrome FreeType Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2020-15999
20 Oct 2020 — Heap buffer overflow in FreeType in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. A heap buffer overflow leading to out-of-bounds write was found in FreeType. Memory allocation based on truncated PNG width and heig... • https://packetstorm.news/files/id/159754 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-122: Heap-based Buffer Overflow; CWE-787: Out-of-bounds Write
CVE-2015-9383 – Ubuntu Security Notice USN-4126-1
https://notcve.org/view.php?id=CVE-2015-9383
03 Sep 2019 — FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd • CWE-125: Out-of-bounds Read
CVE-2015-9382 – freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read
https://notcve.org/view.php?id=CVE-2015-9382
03 Sep 2019 — FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs e... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-125: Out-of-bounds Read
CVE-2015-9381 – freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash
https://notcve.org/view.php?id=CVE-2015-9381
03 Sep 2019 — FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9 • CWE-125: Out-of-bounds Read
CVE-2015-9290
https://notcve.org/view.php?id=CVE-2015-9290
30 Jul 2019 — In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30 • CWE-125: Out-of-bounds Read
CVE-2018-6942 – Ubuntu Security Notice USN-3572-1
https://notcve.org/view.php?id=CVE-2018-6942
13 Feb 2018 — An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. It was discovered that FreeType incorrectly handled certain files. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html • CWE-476: NULL Pointer Dereference
CVE-2017-8287 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-8287
27 Apr 2017 — FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a ... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer