Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
harfbuzz project harfbuzz vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz up to and including 6.0.0 allows malicious users to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Harfbuzz Project Harfbuzz
Fedoraproject Fedora 36
5.5
CVSSv3
CVE-2022-33068
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows malicious users to cause a Denial of Service (DoS) via unspecified vectors.
Harfbuzz Project Harfbuzz 4.3.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.5
CVSSv3
CVE-2021-45931
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
Harfbuzz Project Harfbuzz 2.9.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.5
CVSSv3
CVE-2015-9274
HarfBuzz prior to 1.0.4 allows remote malicious users to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh...
Harfbuzz Project Harfbuzz
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started