4165 matches found
CVE-2026-20213
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...
CVE-2026-20214 ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability
A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...
EUVD-2026-41079
A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...
CVE-2026-56365
A flaw was found in ImageMagick. A remote attacker could exploit a memory leak vulnerability in the Portable Network Graphics PNG encoder when it fails to write Multiple-image Network Graphics MNG images. This flaw allows attackers to exhaust memory resources, leading to a denial of service DoS...
osTicket - Arbitrary File Read
Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...
PT-2026-54703
Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the PE file format parser where improper boundary checks for content during scanning can lead to an out-of-bounds buffer write. A remote, unauthenticated attacker can exploi...
DEBIAN-CVE-2026-56365
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...
CVE-2026-56365
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...
DEBIAN-CVE-2026-13962
Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14108
CVE-2026-14108 is a use-after-free in PDFium underlying Google Chrome prior to 150.0.7871.47. The flaw allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted PDF file. Affected component: PDFium within Chrome; root cause: use-after-free vulnerability. Impact: ...
CVE-2026-56365 ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...
atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen
A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...
CVE-2026-13522
A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is...
CVE-2026-13522
Investintech SlimPDFReader up to version 2.0.14 is affected by an out-of-bounds read in SlimPDFReader.exe (PDF File Handler). The vulnerable component is the function Investintech::PCV::TeighaDo+0x25cde0 inside SlimPDFReader.exe. A manipulation can trigger the out-of-bounds read, and the issue ca...
CVE-2026-57532
CVE-2026-57532 describes a vulnerability where malicious HTML content contained in the layout specification of a PDF ticket/badge layout is executed when the PDF editor is opened in a browser. This could allow one backend user to inject JavaScript into the browser context of another backend user....
Important: evince security update
The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files, and, with additional back-ends, also the Device Independent File format DVI files. Security Fixes: atril: evince: xreader: PDF /GoToR action argv...
CVE-2026-49460
CVE-2026-49460 affects the Python PDF library pypdf . Prior to version 6.12.2 , processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2 . Impact, in line with the sources, is a denial of service-like slow...
CVE-2026-49461
CVE-2026-49461 affects the Python PDF library pypdf . The vulnerability occurs before version 6.12.2 and lets an attacker craft a PDF whose page contains a form XObject with self-references, causing large memory usage during text extraction. Impact is memory-related and can affect systems process...
poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...
Astra Linux – Vulnerability in GraphicsMagick
GraphicsMagick version 1.3.35 has a heap-based buffer overflow in the ReadMNGImage function in the coders/png.c file...