threat
engine
.sh
Back
·
··:··
Home
/
Product
/
sil graphite2
Product
sil graphite2
28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2017-7777
< 1.3.10
Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.
8.8
HIGH
CVE-2017-7776
< 1.3.10
Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.
8.1
HIGH
CVE-2017-7774
< 1.3.10
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.
9.1
CRITICAL
CVE-2017-7773
< 1.3.10
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
8.8
HIGH
CVE-2017-7771
< 1.3.10
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.
8.1
HIGH
CVE-2017-7772
< 1.3.10
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
8.8
HIGH
CVE-2017-7778
< 1.3.10
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, an
9.8
CRITICAL
CVE-2017-5436
all versions
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially
8.8
HIGH
CVE-2018-7999
all versions
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering oper
8.8
HIGH
CVE-2016-2802
<= 1.3.5
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and
8.8
HIGH
CVE-2016-2801
<= 1.3.5
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before
8.8
HIGH
CVE-2016-2800
<= 1.3.5
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox E
8.8
HIGH
CVE-2016-2799
<= 1.3.5
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before
8.8
HIGH
CVE-2016-2798
<= 1.3.5
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox
8.8
HIGH
CVE-2016-2797
<= 1.3.5
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firef
8.8
HIGH
CVE-2016-2796
<= 1.3.5
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firef
8.8
HIGH
CVE-2016-2795
<= 1.3.5
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR
8.8
HIGH
CVE-2016-2794
<= 1.3.5
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 an
8.8
HIGH
CVE-2016-2793
<= 1.3.5
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote
8.8
HIGH
CVE-2016-2792
<= 1.3.5
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox E
8.8
HIGH
CVE-2016-2791
<= 1.3.5
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x
8.8
HIGH
CVE-2016-2790
<= 1.3.5
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 3
8.8
HIGH
CVE-2016-1977
<= 1.3.5
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Fire
8.8
HIGH
CVE-2016-1969
<= 1.3.5
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows
8.8
HIGH
CVE-2016-1526
all versions
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Fire
8.1
HIGH
CVE-2016-1523
all versions
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Fi
6.5
MEDIUM
CVE-2016-1522
all versions
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not c
8.8
HIGH
CVE-2016-1521
<= 1.2.4
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox
8.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin