Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8a7c50de by Salvatore Bonaccorso at 2025-12-31T09:35:59+01:00
Add new FontForge issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,29 +57,41 @@ CVE-2025-15356 (A vulnerability has been found in Tenda
AC20 up to 16.03.08.12.
CVE-2025-15354 (A flaw has been found in itsourcecode Society Management
System 1.0. T ...)
NOT-FOR-US: itsourcecode System
CVE-2025-15280 (FontForge SFD File Parsing Use-After-Free Remote Code
Execution Vulner ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1188/
CVE-2025-15279 (FontForge GUtils BMP File Parsing Heap-based Buffer Overflow
Remote Co ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1184/
CVE-2025-15278 (FontForge GUtils XBM File Parsing Integer Overflow Remote Code
Executi ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1185/
CVE-2025-15277 (FontForge GUtils SGI File Parsing Heap-based Buffer Overflow
Remote Co ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1186/
CVE-2025-15276 (FontForge SFD File Parsing Deserialization of Untrusted Data
Remote Co ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1187/
CVE-2025-15275 (FontForge SFD File Parsing Heap-based Buffer Overflow Remote
Code Exec ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1189/
CVE-2025-15274 (FontForge SFD File Parsing Heap-based Buffer Overflow Remote
Code Exec ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1190/
CVE-2025-15273 (FontForge PFB File Parsing Stack-based Buffer Overflow Remote
Code Exe ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1191/
CVE-2025-15272 (FontForge SFD File Parsing Heap-based Buffer Overflow Remote
Code Exec ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1192/
CVE-2025-15271 (FontForge SFD File Parsing Improper Validation of Array Index
Remote C ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1193/
CVE-2025-15270 (FontForge SFD File Parsing Improper Validation of Array Index
Remote C ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1194/
CVE-2025-15269 (FontForge SFD File Parsing Use-After-Free Remote Code
Execution Vulner ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1195/
CVE-2025-15223 (A vulnerability was found in Philipinho Simple-PHP-Blog up to
94b5d3e5 ...)
TODO: check
CVE-2025-15114 (Ksenia Security Lares 4.0 Home Automation version 1.6 contains
a criti ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a7c50dea8d92de883da60da6061f4518e7a4893
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a7c50dea8d92de883da60da6061f4518e7a4893
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
