Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

fontforge — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in fontforge, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2025-12-31
CVE-2025-15278 FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability CWE-190 7.8 -2025-12-31
CVE-2025-15277 FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2025-12-31
CVE-2025-15276 FontForge SFD File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability CWE-502 7.8 -2025-12-31
CVE-2025-15280 FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability CWE-416 7.8 -2025-12-31
CVE-2025-15275 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2025-12-31
CVE-2025-15274 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2025-12-31
CVE-2025-15273 FontForge PFB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121 7.8 -2025-12-31
CVE-2025-15272 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2025-12-31
CVE-2025-15271 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability CWE-129 7.8 -2025-12-31
CVE-2025-15270 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability CWE-129 7.8 -2025-12-31
CVE-2025-15269 FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability CWE-416 7.8 -2025-12-31
CVE-2020-25690 Red Hat Enterprise Linux 8 缓冲区错误漏洞 CWE-119 8.8 -2021-02-23

All 13 known CVE vulnerabilities affecting fontforge with full Chinese analysis, references, and POCs where available.