CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30571 matches found

CVE•added 2026/02/15 12:2 p.m.•10 views

CVE-2026-2516

Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 (32-bit) are affected by a vulnerability in SHFOLDER.dll causing an uncontrolled search path. The issue requires local access to exploit and is described as high impact (confidentiality, integrity, availability) with high exploit maturity (pro...

7.3CVSS6.6AI score0.00016EPSS

Exploits0References5

Positive Technologies•added 2026/02/15 12:0 a.m.•6 views

PT-2026-8237

Name of the Vulnerable Software and Affected Versions Unidocs ezPDF DRM Reader and ezPDF Reader versions 2.0 and 3.0.0.4 Description A security issue exists in Unidocs ezPDF DRM Reader and ezPDF Reader. The problem is related to an uncontrolled search path within the SHFOLDER.dll library. This...

7.3CVSS6.9AI score0.00016EPSS

Exploits0References12

CNNVD•added 2026/02/15 12:0 a.m.•4 views

Unidocs ezPDF DRM Reader和Unidocs ezPDF Reader 代码问题漏洞

Unidocs ezPDF DRM Reader and Unidocs ezPDF Reader are PDF readers developed by Unidocs, a company from South Korea. There are code vulnerabilities in Unidocs ezPDF DRM Reader and Unidocs ezPDF Reader 2.0, as well as Unidocs ezPDF Reader 3.0.0.4. These vulnerabilities stem from uncontrolled search...

7.3CVSS7.2AI score0.00016EPSS

Exploits0References4

RedhatCVE•added 2026/02/12 1:4 a.m.•3 views

CVE-2026-1495

The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...

6.5CVSS5.5AI score0.00022EPSS

Exploits0References1

NVD•added 2026/02/10 9:16 p.m.•2 views

CVE-2026-1495

6.5CVSS0.00022EPSS

Exploits0References1

RedHat Linux•added 2026/02/10 8:28 p.m.•2 views

php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images

A flaw was found in PHP. The getimagesize function may leak uninitialized heap memory when processing images in multi-chunk mode, such as through php://filter. This vulnerability, caused by a bug in phpreadstreamallchunks that overwrites the buffer without advancing the pointer, allows an attacke...

7.5CVSS5.8AI score0.00025EPSS

Exploits3References5

Vulnrichment•added 2026/02/10 8:18 p.m.•4 views

CVE-2026-1495 Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent

6.5CVSS5.5AI score0.00022EPSS

Exploits0References1

CVE•added 2026/02/10 8:18 p.m.•6 views

CVE-2026-1495

CVE-2026-1495 concerns an information-insertion vulnerability in AVEVA PI to CONNECT Agent. The CVE describes that an attacker with Event Log Reader privileges (S-1-5-32-573) can access proxy details, including the proxy URL and credentials, from the PI to CONNECT event log files. This could enab...

6.5CVSS5.5AI score0.00022EPSS

Exploits0References1

ATTACKERKB•added 2026/02/10 8:18 p.m.•2 views

CVE-2026-1495

6.5CVSS5.5AI score0.00022EPSS

Exploits0References2

SUSE CVE•added 2026/02/10 12:23 a.m.•1 views

SUSE CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...

8.6CVSS5.9AI score0.00137EPSS

Exploits1References3

Positive Technologies•added 2026/02/10 12:0 a.m.•3 views

PT-2026-7470

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A security issue exists where an attacker with Event Log Reader S-1-5-32-573 privileges may be able to obtain proxy details, including the URL and proxy credentials, from PI to CONNECT event log file...

6.5CVSS5.4AI score0.00022EPSS

Exploits0References4

Redos•added 2026/02/09 12:0 a.m.•4 views

ROS-20260209-73-0030

A vulnerability in the tar.Reader component of the Go programming language is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

4.3CVSS5.6AI score0.00018EPSS

Exploits0

CNNVD•added 2026/02/09 12:0 a.m.•3 views

sumatrapdf 代码问题漏洞

Sumatrapdf is an open-source PDF reader developed by SumatraPDF Reader. Versions of SumatraPDF 3.5.2 and earlier have code vulnerabilities. These vulnerabilities stem from the PDF reader allowing execution of malicious binary files located in the same directory as the opened PDF, potentially...

7.8CVSS6.2AI score0.00021EPSS

Exploits1References1

Positive Technologies•added 2026/02/09 12:0 a.m.•1 views

PT-2026-7164

Name of the Vulnerable Software and Affected Versions SumatraPDF versions prior to 3.5.3 Description SumatraPDF, a multi-format reader for Windows, allows execution of a malicious binary, specifically explorer.exe, located in the same directory as an opened PDF file. This occurs when a user click...

7.8CVSS6.2AI score0.00021EPSS

Exploits1References6

RedhatCVE•added 2026/02/08 1:21 a.m.•3 views

CVE-2026-25635

A flaw was found in Calibre's CHM reader. This path traversal vulnerability allows an attacker to write arbitrary files to locations where the user has write permissions. On Windows systems, this could lead to remote code execution by placing a malicious file in the Startup folder, which would th...

8.6CVSS6.6AI score0.00137EPSS

Exploits1References5

NVD•added 2026/02/06 9:16 p.m.•4 views

CVE-2026-25635

8.6CVSS0.00137EPSS

Exploits1References3