USN-6856-1: FontForge vulnerabilities

Read Time:25 Second

It was discovered that FontForge incorrectly handled filenames. If a user or an
automated system were tricked into opening a specially crafted input file, a
remote attacker could possibly use this issue to perform a command injection.
(CVE-2024-25081)

It was discovered that FontForge incorrectly handled archives and compressed
files. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to perform
command injection. (CVE-2024-25082)

Generated by Feedzy

Cyber Security News

Europol Warns of Home Routing Challenges For Lawful Interception

Meta Faces Suspension of AI Data Training in Brazil

Volcano Demon ransomware group rings its victims to extort money

Over $1bn in Cryptocurrency Lost to Web3 Cyber Incidents in 2024

Gamers’ Data Exposed in RPG Platform Roll20 Breach

New Ransomware Group Phones Execs to Extort Payment

UK’s NCA Leads Major Cobalt Strike Takedown

Smashing Security podcast #379: Private nights, evil twins, and crypto home invasions

The Not-So-Secret Network Access Broker x999xx

USN-6856-1: FontForge vulnerabilities

yarnpkg-1.22.22-2.fc40

pgadmin4-7.8-7.fc39

USN-6879-1: Virtuoso Open-Source Edition vulnerabilities

USN-6866-2: Linux kernel (Azure) vulnerabilities

USN-6865-2: Linux kernel (Azure) vulnerabilities

USN-6870-2: Linux kernel (AWS) vulnerabilities