Lucene search
K

13 matches found

OSV
OSV
added 2026/04/21 9:7 a.m.7 views

CLSA-2026-1776762459 harfbuzz: Fix of CVE-2023-25193

CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh...

7.5CVSS6.8AI score0.01812EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-29157

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.01812EPSS
Exploits0References10
OSV
OSV
added 2024/08/16 8:11 a.m.6 views

CLSA-2024-1723795896 harfbuzz: Fix of CVE-2023-25193

CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh...

7.5CVSS6.8AI score0.01812EPSS
Exploits0References1
Redos
Redos
added 2024/03/29 12:0 a.m.31 views

ROS-20240329-19

A vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to the unrestricted resource allocation, Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01812EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/12/15 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for harfbuzz (EulerOS-SA-2023-3432)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.01812EPSS
Exploits0References2
OSV
OSV
added 2023/05/07 2:2 p.m.8 views

OSV-2023-380 UNKNOWN WRITE in bool OT::Layout::Common::Coverage::serialize<hb_map_iter_t<hb_map_iter_t<hb_filt

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58663 Crash type: UNKNOWN WRITE Crash state: bool OT::Layout::Common::Coverage::serialize::subset hbsubsetcontextt::returnt OT::Layout::GSUBimpl::SubstLookupSubTable::dispat...

7.2AI score
Exploits0References1
OSV
OSV
added 2023/05/07 2:0 p.m.12 views

OSV-2023-377 UNKNOWN WRITE in bool OT::Layout::Common::CoverageFormat2_4<OT::Layout::MediumTypes>::serialize<h

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58671 Crash type: UNKNOWN WRITE Crash state: bool OT::Layout::Common::CoverageFormat24::serialize::subset...

7.2AI score
Exploits0References1
OSV
OSV
added 2023/05/07 2:0 p.m.7 views

OSV-2023-376 UNKNOWN WRITE in OT::Layout::GPOS_impl::CursivePosFormat1::subset

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58660 Crash type: UNKNOWN WRITE Crash state: OT::Layout::GPOSimpl::CursivePosFormat1::subset hbsubsetcontextt::returnt OT::Layout::GPOSimpl::PosLookupSubTable::dispatch bool...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/06 12:0 a.m.2 views

PT-2023-35811 · Git +1 · Harfbuzz

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN WRITE. The crash state involves several function calls, including hb ot layout substitute start, hb ot...

6.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/14 12:0 a.m.45 views

Fedora 38 : cairo / freetype / harfbuzz / qt6-qtwebengine (2023-a48406ecd2)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a48406ecd2 advisory. Security fix for CVE-2023-25193 Update of HarfBuzz to 7.0.1 version 2169172 Update of freetype to 2.13.0 version 2168496 ---- Security fix for...

7.5CVSS6.5AI score0.01812EPSS
Exploits0References2
OSV
OSV
added 2023/03/03 1:0 p.m.15 views

OSV-2023-137 Heap-buffer-overflow in OT::Layout::Common::Coverage::get_population

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510 Crash type: Heap-buffer-overflow READ 1 Crash state: OT::Layout::Common::Coverage::getpopulation OT::Layout::GPOSimpl::SinglePosFormat1::sanitize hbsanitizecontextt::returnt OT::Layout::GPOSimpl::PosLookupSubTable::dispa...

7.2AI score
Exploits0References1
OSV
OSV
added 2023/01/23 1:1 p.m.6 views

OSV-2023-27 Heap-buffer-overflow in OT::Layout::GPOS_impl::PairSet<OT::Layout::MediumTypes>::apply

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55287 Crash type: Heap-buffer-overflow READ 1 Crash state: OT::Layout::GPOSimpl::PairSet::apply OT::Layout::GPOSimpl::PairPosFormat13::apply bool OT::hbacceleratesubtablescontextt::applytoOT::Layout::GPOSimpl::Pair...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.3 views

HarfBuzz Denial of Service Vulnerability

HarfBuzz is a text engine for OpenType fonts. A security vulnerability exists in the hb-ot-layout-gpos-table.hh file in HarfBuzz 1.0.4 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service with specially crafted data...

7.6CVSS9.2AI score0.02451EPSS
Exploits0References1
Rows per page
Query Builder