Lucene search
K

1689 matches found

Ubuntu
Ubuntu
added 2026/06/08 12:43 p.m.14 views

USN-8399-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled large glyph advance values in fonts. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. CVE-2026-42308 It was discovered that Pillow incorrectly handled nested coordinate lists in certain APIs. An...

8.6CVSS7.6AI score0.0015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.9 views

Chromium: CVE-2026-11261 Insufficient validation of untrusted input in PDF

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.4AI score0.00176EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34768

Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

6.2AI score0.00228EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.33 views

Linux Distros Unpatched Vulnerability : CVE-2026-10118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers ...

7.8CVSS7.3AI score0.00252EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/01 3:29 p.m.11 views

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00252EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/30 2:17 a.m.11 views

SUSE CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
Fedora
Fedora
added 2026/05/29 1:27 a.m.16 views

[SECURITY] Fedora 43 Update: podofo-1.0.4-1.fc43

PoDoFo is a library to work with the PDF file format. The name comes from the first letter of PDF Portable Document Format. A few tools to work with PDF files are already included in the PoDoFo package. The PoDoFo library is a free, portable C++ library which includes classes to parse PDF files a...

2.5CVSS5.8AI score0.00096EPSS
Exploits0
Fedora
Fedora
added 2026/05/29 1:13 a.m.17 views

[SECURITY] Fedora 44 Update: podofo-1.0.4-1.fc44

PoDoFo is a library to work with the PDF file format. The name comes from the first letter of PDF Portable Document Format. A few tools to work with PDF files are already included in the PoDoFo package. The PoDoFo library is a free, portable C++ library which includes classes to parse PDF files a...

2.5CVSS5.8AI score0.00096EPSS
Exploits0
EUVD
EUVD
added 2026/05/29 12:38 a.m.14 views

EUVD-2026-33099

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

6.2AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 11:16 p.m.9 views

DEBIAN-CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

8.3CVSS5.8AI score0.00164EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.10 views

CVE-2026-10002

Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

8.8CVSS5.8AI score0.0018EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 10:25 p.m.37 views

CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

0.00164EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 10:25 p.m.32 views

CVE-2026-9993

CVE-2026-9993 affects Google Chrome (Chromium-based) and its Views component. The flaw is a use-after-free in Views that could allow a remote attacker with renderer access to escape the sandbox via a crafted PDF file. Affected version range is Chrome prior to 148.0.7778.216. If exploiting, the im...

8.3CVSS5.8AI score0.00164EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.11 views

CVE-2026-9958

Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

8.8CVSS5.8AI score0.00224EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 10:25 p.m.33 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

0.0028EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 10:25 p.m.9 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

6.2AI score0.0028EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.11 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0
OSV
OSV
added 2026/05/28 4:16 p.m.10 views

UBUNTU-CVE-2026-48735

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

6.9CVSS5.8AI score0.0013EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 1:2 p.m.9 views

USN-8321-1 papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

8.4CVSS5.8AI score0.00529EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/27 1:2 p.m.14 views

USN-8321-1: Papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

8.4CVSS5.8AI score0.00529EPSS
Exploits0
Rows per page
Query Builder