Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
harfbuzz project harfbuzz vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz up to and including 6.0.0 allows malicious users to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Harfbuzz Project Harfbuzz
Fedoraproject Fedora 36
6.5
CVSSv3
CVE-2021-45931
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
Harfbuzz Project Harfbuzz 2.9.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.5
CVSSv3
CVE-2015-9274
HarfBuzz prior to 1.0.4 allows remote malicious users to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh...
Harfbuzz Project Harfbuzz
5.5
CVSSv3
CVE-2022-33068
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows malicious users to cause a Denial of Service (DoS) via unspecified vectors.
Harfbuzz Project Harfbuzz 4.3.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started