| CVE-2025-27363 |
AVG-2877 |
High |
Yes |
Arbitrary code execution |
An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable... |
| CVE-2020-15999 |
AVG-1254 |
High |
Yes |
Arbitrary code execution |
A heap buffer overflow has been found in freetype2 before 2.10.4. Malformed TTF files with PNG sbit glyphs can cause a heap buffer overflow in Load_SBit_Png... |
| CVE-2018-6942 |
AVG-613 |
Low |
Yes |
Denial of service |
An issue was discovered in FreeType 2 before 2.9.1. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to denial of... |
| CVE-2017-8287 |
AVG-257 |
High |
Yes |
Arbitrary code execution |
FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. |
| CVE-2017-8105 |
AVG-257 |
High |
Yes |
Arbitrary code execution |
FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. |
| CVE-2016-10328 |
AVG-251 |
High |
No |
Arbitrary code execution |
FreeType 2 before 2016-12-16 (2.7.1) has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. |