[Git][security-tracker-team/security-tracker][master] Add new FontForge issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 31 08:36:24 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8a7c50de by Salvatore Bonaccorso at 2025-12-31T09:35:59+01:00
Add new FontForge issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,29 +57,41 @@ CVE-2025-15356 (A vulnerability has been found in Tenda AC20 up to 16.03.08.12.
CVE-2025-15354 (A flaw has been found in itsourcecode Society Management System 1.0. T ...)
NOT-FOR-US: itsourcecode System
CVE-2025-15280 (FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulner ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1188/
CVE-2025-15279 (FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Co ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1184/
CVE-2025-15278 (FontForge GUtils XBM File Parsing Integer Overflow Remote Code Executi ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1185/
CVE-2025-15277 (FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Co ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1186/
CVE-2025-15276 (FontForge SFD File Parsing Deserialization of Untrusted Data Remote Co ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1187/
CVE-2025-15275 (FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Exec ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1189/
CVE-2025-15274 (FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Exec ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1190/
CVE-2025-15273 (FontForge PFB File Parsing Stack-based Buffer Overflow Remote Code Exe ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1191/
CVE-2025-15272 (FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Exec ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1192/
CVE-2025-15271 (FontForge SFD File Parsing Improper Validation of Array Index Remote C ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1193/
CVE-2025-15270 (FontForge SFD File Parsing Improper Validation of Array Index Remote C ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1194/
CVE-2025-15269 (FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulner ...)
- TODO: check
+ - fontforge <unfixed>
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1195/
CVE-2025-15223 (A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e5 ...)
TODO: check
CVE-2025-15114 (Ksenia Security Lares 4.0 Home Automation version 1.6 contains a criti ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a7c50dea8d92de883da60da6061f4518e7a4893
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a7c50dea8d92de883da60da6061f4518e7a4893
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251231/08f35b0b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list