CVE-2024-56732 – HarfBuzz heap-buffer-overflow on hb_cairo_glyphs_from_buffer
https://notcve.org/view.php?id=CVE-2024-56732
27 Dec 2024 — HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function. It was discovered that HarfBuzz incorrectly handled certain memory operations. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://github.com/harfbuzz/harfbuzz/commit/1767f99e2e2196c3fcae27db6d8b60098d3f6d26 • CWE-122: Heap-based Buffer Overflow •
CVE-2023-25193 – harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
https://notcve.org/view.php?id=CVE-2023-25193
04 Feb 2023 — hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. A vulnerability was found in HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the... • https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-33068 – harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc
https://notcve.org/view.php?id=CVE-2022-33068
22 Jun 2022 — An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. A vulnerability was found in HarfBuzz. An integer overflow in the hb-ot-shape-fallback.cc component allows attackers to cause a denial of service (DoS) via unspec... • https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593 • CWE-190: Integer Overflow or Wraparound •
CVE-2021-45931 – Gentoo Linux Security Advisory 202209-11
https://notcve.org/view.php?id=CVE-2021-45931
31 Dec 2021 — HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). Multiple vulnerabilities have been discovered in HarfBuzz, the worst of which could result in arbitrary code execution. Versions less than 4.4.0 are affected. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425 • CWE-787: Out-of-bounds Write •
CVE-2015-9274 – Ubuntu Security Notice USN-5746-1
https://notcve.org/view.php?id=CVE-2015-9274
15 Nov 2018 — HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh. ... • https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7 • CWE-125: Out-of-bounds Read •
CVE-2015-8947 – chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6
https://notcve.org/view.php?id=CVE-2015-8947
19 Jul 2016 — hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052. A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to cause a denial of service and, in some cases, execute arbitrary commands. Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00070.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-2052 – chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6
https://notcve.org/view.php?id=CVE-2016-2052
25 Jan 2016 — Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. ... • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html •