Lucene search
K

6 matches found

NVD
NVD
added yesterday7 views

CVE-2026-13129

When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...

7.8CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added yesterday8 views

EUVD-2026-42182

When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...

7.8CVSS6AI score0.00116EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-13129

CVE-2026-13129 affects Foxit PDF Editor/Reader (Annotation feature). The issue is a use-after-free in the handling of the PDF form field tree triggered by JavaScript during field traversal, which can leave the program with an invalid form object and lead to a crash, with potential remote code exe...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.26 views

PT-2026-50147

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.7.12 Description When running in BYONM mode nodeModulesDir: "manual", the module resolver fails to validate that a package's resolved entrypoint remains within its node modules// directory. A malicious package.json...

5.5CVSS6AI score0.00135EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.10 views

CVE-2026-44635

Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters ., , , , , ?. When attacker-controlled input flows into eb.refcol, '-$'.keyinput or .atinput — including type-safe code where the JSON column ...

7.5CVSS5.7AI score0.00362EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/19 12:0 a.m.4 views

Vulnerability in the "My Orders" section of the Eastern Presentation Society App

East Presentation Club APP is a convenient hotel booking platform. An override access vulnerability exists in the "My Order" section of Dongcheng Club APP. An attacker can traverse the key fields to obtain sensitive information of other users through packet capture...

6.5AI score
Exploits0
Rows per page
Query Builder