CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

Rosalinux•added 2026/05/19 1:32 p.m.•7 views

Advisory ROSA-SA-2026-3272

software: harfbuzz 7.0.1 OS: ROSA-CHROME unaffected versions = harfbuzz-7.0.1-3 affected versions harfbuzz-7.0.1-3 CVE-ID: CVE-2026-22693 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing vulnerability in HarfBuzz is related to a lack of validation of the hbmalloc return value...

5.3CVSS5.7AI score0.00089EPSS

Exploits1

OSV•added 2026/01/23 11:35 p.m.•1 views

SUSE-SU-2026:0287-1 Security update for harfbuzz

This update for harfbuzz fixes the following issues: - CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create bsc1256459...

5.3CVSS5.8AI score0.00089EPSS

Exploits1References3

OSV•added 2026/01/23 12:23 p.m.•2 views

OESA-2026-1203 harfbuzz security update

HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...

5.3CVSS5.6AI score0.00089EPSS

Exploits1References2

OSV•added 2026/01/23 12:11 a.m.•2 views

MGASA-2026-0015 Updated harfbuzz packages fix security vulnerability

Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS. CVE-2026-22693...

5.3CVSS5.4AI score0.00089EPSS

Exploits1References4

SUSE CVE•added 2026/01/13 12:24 a.m.•3 views

SUSE CVE-2026-22693

HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...

5.3CVSS7.1AI score0.00089EPSS

Exploits1References6

Snyk•added 2026/01/10 6:51 a.m.•3 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the SubtableUnicodesCache::create function when memory allocation fails and the return value is not checked before object construction. An attacker can cause a segmentation fault and crash the process by...

6.9CVSS6.7AI score0.00089EPSS

Exploits1References2

NVD•added 2026/01/10 6:15 a.m.•5 views

CVE-2026-22693

5.3CVSS0.00089EPSS

Exploits1References4

OSV•added 2026/01/10 6:15 a.m.•2 views

AZL-73970 CVE-2026-22693 affecting package harfbuzz for versions less than 8.3.0-4

5.3CVSS5.7AI score0.00089EPSS

Exploits1References1

UbuntuCve•added 2026/01/10 6:15 a.m.•2 views

CVE-2026-22693

5.3CVSS5.9AI score0.00089EPSS

Exploits1References3

Cvelist•added 2026/01/10 5:53 a.m.•23 views

CVE-2026-22693 Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS

5.3CVSS0.00089EPSS

Exploits1References2

EUVD•added 2026/01/10 5:53 a.m.•3 views

EUVD-2026-1871

5.3CVSS6.5AI score0.00089EPSS

Exploits1References2

OSV•added 2026/01/10 5:53 a.m.•2 views

CVE-2026-22693 Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS

5.3CVSS6.7AI score0.00089EPSS

Exploits1References6

AlpineLinux•added 2026/01/10 5:53 a.m.•2 views

CVE-2026-22693

5.3CVSS7.1AI score0.00089EPSS

Exploits1References4

CVE•added 2026/01/10 5:53 a.m.•15 views

CVE-2026-22693

HarfBuzz text shaping engine contains a null pointer dereference in SubtableUnicodesCache::create (src/hb-ot-cmap-table.hh) that occurs when hb_malloc returns NULL before a placement new, leading to undefined behavior/segfault on low memory. This affects versions prior to 12.3.0 and has been fixe...

5.3CVSS6.7AI score0.00089EPSS

Exploits1References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by