Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to incorrect handling of blendArray.
Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability due to integer overflow in readTTCDirectory.
Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readStrings.
Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to out-of-bounds cubeStackDepth.
Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to negative cubeStackDepth.
Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to negative nAxes.
Microsoft DirectWrite / AFDKO suffers from a stack-based buffer overflow vulnerability in do_set_weight_vector_cube for large nAxes.
Microsoft DirectWrite / AFDKO suffers from an issue where it makes use of uninitialized memory while freeing resources in var_loadavar.
PowerPanel Business Edition version 3.4.0 is vulnerable to cross site request forgery vulnerability. This can be exploited by tricking an authenticated user into visiting a web page controlled by a malicious person.
Microsoft DirectWrite / AFDKO suffers from a heap-based out-of-bounds read/write vulnerability in OpenType font handling due to unbounded iFD.