Vulnerabilities > Harfbuzz Project > Harfbuzz > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-23 | CVE-2022-33068 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | 5.5 |
| 2022-01-01 | CVE-2021-45931 | Out-of-bounds Write vulnerability in multiple products HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). | 6.5 |
| 2018-11-15 | CVE-2015-9274 | Out-of-bounds Read vulnerability in Harfbuzz Project Harfbuzz HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh. | 6.5 |