pkg:Debian/fontforge
35 total CVEs | HIGH 27 | MEDIUM 6
All known vulnerabilities
- from 0
- HIGH 8.8 | CVE-2025-15275 | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 8.8 | CVE-2025-15274 | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 8.8 | CVE-2025-15273 | FontForge PFB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 8.8 | CVE-2025-15272 | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 8.8 | CVE-2025-15271 | FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. | from 0
- HIGH 8.8 | CVE-2025-15270 | FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. | from 0
- from 0
- HIGH 8.8 | CVE-2020-5496 | FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c. | from 0, < 1:20201107~dfsg-1
- from 0, < 1:20201107~dfsg-1
- from 0, < 1:20170731~dfsg-1+deb10u1
- HIGH 8.8 | CVE-2017-17521 | uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable… | from 0
- HIGH 7.8 | CVE-2025-15279 | FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 7.8 | CVE-2025-15278 | FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 7.8 | CVE-2025-15277 | FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. | from 0
- HIGH 7.8 | CVE-2025-15276 | FontForge SFD File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. | from 0
- HIGH 7.8 | CVE-2017-11577 | FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file. | from 0, < 1:20170731~dfsg-1
- HIGH 7.8 | CVE-2017-11575 | FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, rel… | from 0, < 1:20170731~dfsg-1
- HIGH 7.8 | CVE-2017-11574 | FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafte… | from 0, < 1:20170731~dfsg-1
- HIGH 7.8 | CVE-2017-11573 | FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a… | from 0
- HIGH 7.8 | CVE-2017-11572 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a… | from 0, < 1:20170731~dfsg-1
- HIGH 7.8 | CVE-2017-11571 | FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafte… | from 0, < 1:20170731~dfsg-1
- HIGH 7.8 | CVE-2017-11570 | FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file. | from 0
- HIGH 7.8 | CVE-2017-11569 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via… | from 0, < 1:20170731~dfsg-1
- from 0, < 1:20170731~dfsg-1
- from 0, < 0.0.20120101+git-2+deb7u1
- from 0, < 20120731.b-5+deb8u1
- MEDIUM 6.5 | CVE-2025-50951 | FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at /fontforge/sfd.c. | from 0
- MEDIUM 6.5 | CVE-2025-50949 | FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8. | from 0
- MEDIUM 6.5 | CVE-2024-25082 | Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files. | from 0, < 1:20201107~dfsg-4+deb11u1
- MEDIUM 5.5 | CVE-2017-11576 | FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a cra… | from 0, < 1:20170731~dfsg-1
- from 0, < 1:20201107~dfsg-4+deb11u1
- from 0, < 1:20201107~dfsg-4+deb11u1
- from 0, < 0.0.20080429-1+lenny2
- from 0, < 0.0.20100501-4