Lucene search
K

28042 matches found

NVD
NVD
added 2026/06/15 9:17 p.m.8 views

CVE-2026-49056

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.5 views

CVE-2026-39472

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS0.00446EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.30 views

CVE-2026-49056 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.7 views

CVE-2026-49056 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.23 views

CVE-2026-49056

CVE-2026-49056 concerns the WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin, versions

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.26 views

CVE-2026-39472 WordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS0.00446EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.22 views

CVE-2026-39472

The CVE-2026-39472 affects the WordPress WooCommerce PDF Invoices & Packing Slips plugin prior to version 5.9.0, where a PHP Object Injection vulnerability was reported affecting shop manager operations. The root cause is a PHP Object Injection flaw in this plugin version, with CVSS 3.1 base metr...

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 2:16 p.m.11 views

CVE-2026-52704

Improper Control of Generation of Code 'Code Injection' vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8...

10CVSS0.00314EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:49 p.m.30 views

CVE-2026-52704

The vulnerability CVE-2026-52704 affects the WordPress WooCommerce PDF Invoice Builder plugin (

10CVSS5.4AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:49 p.m.31 views

CVE-2026-52704 WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8...

10CVSS0.00314EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 10:21 a.m.32 views

CVE-2026-12057

CVE-2026-12057 describes a vulnerability where JavaScript executed inside a PDF, while in a sandboxed application, can bypass some UI/danger-interface interception, allowing remote scripts to run and potentially cause arbitrary code execution. The NVD entry ties this to a high-severity impact (CV...

8.6CVSS5.7AI score0.00129EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/15 10:21 a.m.19 views

CVE-2026-12057 DoS + Remote Code Execution via PDF JavaScript in Foxit AI

When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution...

8.6CVSS5.7AI score0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 10:21 a.m.36 views

CVE-2026-12057 DoS + Remote Code Execution via PDF JavaScript in Foxit AI

When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution...

8.6CVSS0.00129EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49499

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/14 5:4 a.m.13 views

[SECURITY] Fedora 43 Update: weasyprint-69.0-1.fc43

WeasyPrint can render HTML and CSS to PDF. It aims to support web standards for printing...

5.3AI score
Exploits0
Fedora
Fedora
added 2026/06/13 1:13 a.m.12 views

[SECURITY] Fedora 44 Update: weasyprint-69.0-1.fc44

WeasyPrint can render HTML and CSS to PDF. It aims to support web standards for printing...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/06/13 12:34 a.m.12 views

EUVD-2025-210122

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.68...

7.8CVSS5.6AI score0.00131EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/13 12:34 a.m.12 views

EUVD-2025-210129

Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, an...

5.5CVSS5.4AI score0.00113EPSS
Exploits0References2
OSV
OSV
added 2026/06/13 12:3 a.m.7 views

RLSA-2026:25058 Important: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 For more details about the...

7.8CVSS5.6AI score0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 11:16 p.m.19 views

CVE-2025-9033

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.76...

7.8CVSS0.00122EPSS
Exploits0References1
Rows per page
Query Builder