Harfbuzz\ CVEs and Security Vulnerabilities

Export limit exceeded: 336825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 21), (line:1, col:22)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (336825 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-22459	2 Blend Media, Wordpress	2 Wordpress Cta, Wordpress	2026-03-06	N/A
Missing Authorization vulnerability in Blend Media WordPress CTA easy-sticky-sidebar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through <= 1.7.4.
CVE-2026-22465	2 Seventhqueen, Wordpress	2 Buddyapp, Wordpress	2026-03-06	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen BuddyApp buddyapp allows Reflected XSS.This issue affects BuddyApp: from n/a through <= 1.9.2.
CVE-2026-22471	2 Maximsecudeal, Wordpress	2 Secudeal Payments For Ecommerce, Wordpress	2026-03-06	N/A
Deserialization of Untrusted Data vulnerability in maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce allows Object Injection.This issue affects Secudeal Payments for Ecommerce: from n/a through <= 1.1.
CVE-2026-22474	2 Themerex, Wordpress	2 Equestrian Centre, Wordpress	2026-03-06	N/A
Deserialization of Untrusted Data vulnerability in ThemeREX Equestrian Centre equestrian-centre allows Object Injection.This issue affects Equestrian Centre: from n/a through <= 1.5.
CVE-2026-22476	2 Elated-themes, Wordpress	2 Etchy, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through <= 1.0.
CVE-2026-22478	2 Elated Themes, Wordpress	2 Findall, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affects FindAll: from n/a through <= 1.4.
CVE-2026-22497	2 Ancorathemes, Wordpress	2 Jardi, Wordpress	2026-03-06	N/A
Deserialization of Untrusted Data vulnerability in AncoraThemes Jardi jardi allows Object Injection.This issue affects Jardi: from n/a through <= 1.7.2.
CVE-2026-23546	2 Radiustheme, Wordpress	2 Classified Listing, Wordpress	2026-03-06	N/A
Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme Classified Listing classified-listing allows Retrieve Embedded Sensitive Data.This issue affects Classified Listing: from n/a through <= 5.3.4.
CVE-2026-23799	2 Themeum, Wordpress	2 Tutor Lms, Wordpress	2026-03-06	N/A
Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through <= 3.9.5.
CVE-2026-23802	2 Jordy Meow, Wordpress	2 Ai-engine, Wordpress	2026-03-06	N/A
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through <= 3.3.2.
CVE-2026-24960	2 Wordpress, Zozothemes	2 Wordpress, Charety	2026-03-06	N/A
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Charety charety allows Using Malicious Files.This issue affects Charety: from n/a through < 2.0.2.
CVE-2026-27097	2 Ancorathemes, Wordpress	2 Casamia \| Property Rental Real Estate Wordpress Theme, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CasaMia \| Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia \| Property Rental Real Estate WordPress Theme: from n/a through <= 1.1.2.
CVE-2026-27334	2 Dan Fisher, Wordpress	2 Alchemists, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dan_fisher Alchemists alchemists allows PHP Local File Inclusion.This issue affects Alchemists: from n/a through <= 4.6.0.
CVE-2026-27336	2 Ancorathemes, Wordpress	2 Consultor \| Consulting, Accounting & Legal Counsel Wordpress Theme, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Consultor \| Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor \| Consulting, Accounting & Legal Counsel WordPress Theme: from n/a through <= 1.2.4.
CVE-2026-27338	2 Aivahthemes, Wordpress	2 Car Zone, Wordpress	2026-03-06	N/A
Deserialization of Untrusted Data vulnerability in AivahThemes Car Zone carzone allows Object Injection.This issue affects Car Zone: from n/a through <= 3.7.
CVE-2026-27339	2 Ancorathemes, Wordpress	2 Buzz Stone \| Magazine & Viral Blog Wordpress Theme, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone \| Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone \| Magazine & Viral Blog WordPress Theme: from n/a through <= 1.0.2.
CVE-2026-27340	2 Ancorathemes, Wordpress	2 Apollo \| Night Club, Dj Event Wordpress Theme, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Apollo \| Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo \| Night Club, DJ Event WordPress Theme: from n/a through <= 1.3.1.
CVE-2026-28559	2 Gvectors, Wordpress	2 Wpforo Forum, Wordpress	2026-03-06	5.3 Medium
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that are only applied when a specific forum ID is present in the query.
CVE-2026-27342	2 Mikado-themes, Wordpress	2 Topfit - Fitness And Gym Wordpress Theme, Wordpress	2026-03-06	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through <= 1.9.
CVE-2026-27344	2 Inseriswiss, Wordpress	2 Inseri Core, Wordpress	2026-03-06	N/A
Missing Authorization vulnerability in inseriswiss inseri core inseri-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects inseri core: from n/a through <= 1.0.5.

« first previous Page 52 of 16842. next last »