Lucene search
K

4173 matches found

Fedora
Fedora
added 2026/05/29 1:13 a.m.14 views

[SECURITY] Fedora 44 Update: libpng-1.6.58-1.fc44

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

5.1CVSS5.8AI score0.00195EPSS
Exploits1
Fedora
Fedora
added 2026/05/29 1:13 a.m.17 views

[SECURITY] Fedora 44 Update: podofo-1.0.4-1.fc44

PoDoFo is a library to work with the PDF file format. The name comes from the first letter of PDF Portable Document Format. A few tools to work with PDF files are already included in the PoDoFo package. The PoDoFo library is a free, portable C++ library which includes classes to parse PDF files a...

2.5CVSS5.8AI score0.00096EPSS
Exploits0
EUVD
EUVD
added 2026/05/29 12:38 a.m.14 views

EUVD-2026-33099

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/29 12:0 a.m.9 views

CVE-2025-70103

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc...

7.3CVSS6AI score0.00367EPSS
Exploits0References4
Redos
Redos
added 2026/05/29 12:0 a.m.11 views

ROS-20260529-73-0006

The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...

7.5CVSS6.2AI score0.01052EPSS
Exploits1
OSV
OSV
added 2026/05/28 11:16 p.m.9 views

DEBIAN-CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

8.3CVSS5.8AI score0.00164EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.10 views

CVE-2026-10002

Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

8.8CVSS5.8AI score0.0018EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 10:25 p.m.37 views

CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

0.00164EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 10:25 p.m.31 views

CVE-2026-9993

CVE-2026-9993 affects Google Chrome (Chromium-based) and its Views component. The flaw is a use-after-free in Views that could allow a remote attacker with renderer access to escape the sandbox via a crafted PDF file. Affected version range is Chrome prior to 148.0.7778.216. If exploiting, the im...

8.3CVSS5.8AI score0.00164EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.11 views

CVE-2026-9958

Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

8.8CVSS5.8AI score0.00224EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 10:25 p.m.33 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

0.0028EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 10:25 p.m.9 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

6.2AI score0.0028EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.11 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

UBUNTU-CVE-2026-48735

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

6.9CVSS5.8AI score0.0013EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/27 5:36 p.m.7 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the DecodeImagePNM function. An attacker can execute arbitrary code or cause a denial of service by submitting specially crafted PBM image files. Remediation A fix was pushed into the master branch but not...

8.1CVSS6.2AI score0.00367EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 3:16 p.m.10 views

CVE-2025-70103

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc...

7.3CVSS0.00367EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 3:16 p.m.5 views

DEBIAN-CVE-2025-70103

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc...

7.3CVSS6AI score0.00367EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/05/27 1:2 p.m.14 views

USN-8321-1: Papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

8.4CVSS5.8AI score0.00529EPSS
Exploits0
OSV
OSV
added 2026/05/27 1:2 p.m.9 views

USN-8321-1 papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

8.4CVSS5.8AI score0.00529EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:0 a.m.9 views

CVE-2025-70103

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc...

6AI score0.00367EPSS
Exploits0References5
Rows per page
Query Builder