| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2025-15280 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulner ... |
| CVE-2025-15279 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Co ... |
| CVE-2025-15278 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge GUtils XBM File Parsing Integer Overflow Remote Code Executi ... |
| CVE-2025-15277 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Co ... |
| CVE-2025-15276 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Deserialization of Untrusted Data Remote Co ... |
| CVE-2025-15275 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Exec ... |
| CVE-2025-15274 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Exec ... |
| CVE-2025-15273 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge PFB File Parsing Stack-based Buffer Overflow Remote Code Exe ... |
| CVE-2025-15272 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Exec ... |
| CVE-2025-15271 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Improper Validation of Array Index Remote C ... |
| CVE-2025-15270 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Improper Validation of Array Index Remote C ... |
| CVE-2025-15269 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulner ... |
| Bug | Description |
|---|
| CVE-2024-25082 | Splinefont in FontForge through 20230101 allows command injection via ... |
| CVE-2024-25081 | Splinefont in FontForge through 20230101 allows command injection via ... |
| CVE-2020-25690 | An out-of-bounds write flaw was found in FontForge in versions before ... |
| CVE-2020-5496 | FontForge 20190801 has a heap-based buffer overflow in the Type2NotDef ... |
| CVE-2020-5395 | FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd. ... |
| CVE-2019-15785 | FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_L ... |
| CVE-2017-11577 | FontForge 20161012 is vulnerable to a buffer over-read in getsid (pars ... |
| CVE-2017-11576 | FontForge 20161012 does not ensure a positive size in a weight vector ... |
| CVE-2017-11575 | FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (c ... |
| CVE-2017-11574 | FontForge 20161012 is vulnerable to a heap-based buffer overflow in re ... |
| CVE-2017-11572 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in r ... |
| CVE-2017-11571 | FontForge 20161012 is vulnerable to a stack-based buffer overflow in a ... |
| CVE-2017-11569 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in r ... |
| CVE-2017-11568 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in P ... |
| CVE-2010-4259 | Stack-based buffer overflow in FontForge 20100501 allows remote attack ... |