Vulnerabilities (CVE)

Filtered by vendor Freetype Subscribe
Total 92 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2661 3 Canonical, Debian, Freetype 3 Ubuntu Linux, Debian Linux, Freetype 2024-11-21 5.0 MEDIUM N/A
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
CVE-2006-1861 1 Freetype 1 Freetype 2024-11-21 7.5 HIGH N/A
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.
CVE-2006-0747 1 Freetype 1 Freetype 2024-11-21 5.0 MEDIUM N/A
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
CVE-2020-15999 5 Debian, Fedoraproject, Freetype and 2 more 5 Debian Linux, Fedora, Freetype and 2 more 2024-07-25 4.3 MEDIUM 6.5 MEDIUM
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-27406 2 Fedoraproject, Freetype 2 Fedora, Freetype 2024-02-29 5.0 MEDIUM 7.5 HIGH
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
CVE-2022-27405 2 Fedoraproject, Freetype 2 Fedora, Freetype 2024-02-29 5.0 MEDIUM 7.5 HIGH
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
CVE-2022-27404 2 Fedoraproject, Freetype 2 Fedora, Freetype 2024-02-29 7.5 HIGH 9.8 CRITICAL
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
CVE-2015-9381 2 Debian, Freetype 2 Debian Linux, Freetype 2024-02-04 6.8 MEDIUM 8.8 HIGH
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
CVE-2015-9383 3 Canonical, Debian, Freetype 3 Ubuntu Linux, Debian Linux, Freetype 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
CVE-2015-9290 1 Freetype 1 Freetype 2024-02-04 7.5 HIGH 9.8 CRITICAL
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
CVE-2015-9382 2 Debian, Freetype 2 Debian Linux, Freetype 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
CVE-2018-6942 2 Canonical, Freetype 2 Ubuntu Linux, Freetype 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.