1795 matches found
EUVD-2026-35065
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...
PT-2026-47496
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in the PDF component, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted PDF file. Use after free is a...
PT-2026-47304
Name of the Vulnerable Software and Affected Versions Routinator affected versions not specified Description Routinator crashes when it encounters a file via RRDP Router Role Distribution Protocol that uses a specifically crafted Document Type Definition DTD, which is a set of markup declarations...
EUVD-2026-34764
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
EUVD-2026-34765
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: Low...
EUVD-2026-34766
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
EUVD-2026-34767
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11306
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11307
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11303
Concisely: Affects Google Chrome (PDFium) with a use-after-free in PDFium when handling crafted PDFs, enabling remote code execution inside the sandbox. Vulnerable in Chrome versions prior to 149.0.7827.53; mitigation is to upgrade to 149.0.7827.53 or later. No exploitation/weaponization details ...
CVE-2026-11169
Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...
PT-2026-46831
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in PDFium allows a remote attacker to potentially exploit heap corruption through a crafted PDF file. Use after free is a memory corruption flaw that occurs when ...
CVE-2026-10118
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...
DEBIAN-CVE-2026-10002
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...
CVE-2026-10002
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...
CVE-2026-9958
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...
OPENSUSE-SU-2026:20831-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues - CVE-2026-42308: integer overflow in font processing can lead to denial of service bsc1265359. - CVE-2026-42309: heap buffer overflow when processing nested list coordinates bsc1265153. - CVE-2026-42310: infinite loop and resource exhausti...
USN-8321-1: Papers vulnerability
It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of PDF files after their release, potentially allowing remote attackers to execute arbitrary code with...
EUVD-2026-31812
A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful...