Lucene search
K

14 matches found

Cvelist
Cvelist
added yesterday7 views

CVE-2026-57258 Foxit PDF Editor/Reader Crash via Malformed PRC 3D Stream

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-57258

CVE-2026-57258 affects Foxit PDF Editor/Reader. The issue lies in the PRC 3D stream header parsing logic, which trusts a constructed file structure description and reads an underlying array, leading to out-of-bounds reads and application crashes. This is a local-access vulnerability requiring use...

6.1CVSS6AI score0.00112EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.13 views

PT-2026-51589

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description A flaw in the H.266 parser occurs when processing a malformed H.266/VVC video stream containing a crafted aspect ratio indicator value. This leads to an out-of-bounds read o...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/05/18 7:58 p.m.11 views

CVE-2026-44302

Snappier is a high performance C implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. This vulnerability is fixed in 1.3.1...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-38299

Name of the Vulnerable Software and Affected Versions Snappier affected versions not specified Description A denial of service issue exists where Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream. This occurs when the...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References7
Veracode
Veracode
added 2026/02/28 5:12 a.m.9 views

Denial Of Service

pypdf is vulnerable to Denial of Service. The vulnerability is due to a malformed /FlateDecode stream, where the byte-by-byte decompression is used, and an attacker can craft a PDF which leads to long runtimes...

6.9CVSS5.2AI score0.00168EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/20 10:16 p.m.3 views

DEBIAN-CVE-2026-27026

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires a malformed /FlateDecode stream, where the byte-by-byte decompression is used. This vulnerability is fixed in 6.7.1...

5.5CVSS5.3AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 10:16 p.m.11 views

UBUNTU-CVE-2026-27026

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires a malformed /FlateDecode stream, where the byte-by-byte decompression is used. This vulnerability is fixed in 6.7.1...

6.9CVSS5.7AI score0.00168EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

UPF 安全漏洞

UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF upf-epc-pfcpiface:version 2.1.3-dev, which stems from a buffer out-of-bounds read while processing a PFCP session establishment request containing a malformed stream description, which cou...

7.5CVSS6.7AI score0.00347EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.3 views

SUSE CVE-2006-6053

The ext3fsdirhash function in Linux kernel 2.6.x allows local users to cause a denial of service crash via an ext3 stream with malformed data structures...

4.9CVSS6.4AI score0.0052EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.6 views

SUSE CVE-2009-0901

The Active Template Library ATL in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantCle...

9.3CVSS7.8AI score0.42004EPSS
Exploits5References3
ATTACKERKB
ATTACKERKB
added 2009/07/29 5:30 p.m.3 views

CVE-2009-0901

The Active Template Library ATL in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantCle...

9.3CVSS6.3AI score0.42004EPSS
Exploits5References27
Prion
Prion
added 2009/07/29 5:30 p.m.30 views

Design/Logic Flaw

The Active Template Library ATL in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantCle...

9.3CVSS7.9AI score0.42004EPSS
Exploits5References25Affected Software3
Cvelist
Cvelist
added 2009/07/29 5:0 p.m.35 views

CVE-2009-0901

The Active Template Library ATL in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantCle...

7.2AI score0.42004EPSS
Exploits5References25
Rows per page
Query Builder