CVE-2026-22693

HarfBuzz text shaping engine contains a null pointer dereference in SubtableUnicodesCache::create (src/hb-ot-cmap-table.hh) that occurs when hb_malloc returns NULL before a placement new, leading to undefined behavior/segfault on low memory. This affects versions prior to 12.3.0 and has been fixe...

EUVD-2017-3432

Malware in sbrugna...

EUVD-2018-1565

Malware in sbrugna...

EUVD-2018-1570

Malware in sbrugna...

EUVD-2017-3435

Malware in sbrugna...

EUVD-2023-47535

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-43114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted...

RLSA-2025:3407 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

freetype security update

An update is available for freetype. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeType is a free, high-quality, portable font engine that can open and...

freetype security update

An update is available for freetype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeType is a free, high-quality, portable font engine that can open and...

Moderate: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools:A malicious actor with non-administrative...

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ALSA-2025:3421 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

K000148687: qt vulnerabilities CVE-2018-21035, CVE-2015-1290, CVE-2013-0254, and CVE-2023-43114

Security Advisory Description CVE-2018-21035 In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption. CVE-2015-1290 The Google V8...

FreeType: Multiple Vulnerabilities

Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

Moderate: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

OESA-2023-1878 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

OESA-2023-1877 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

Security: Update regarding CVE-2023-43114

A recently reported issue on Windows with the GDI font engine which had been assigned the CVE id CVE-2023-43114 was reported as having been fixed in Qt 6.5.3. Unfortunately, this was incorrect as the patch did not end up in Qt 6.5.3. The patch available at...