Lucene search
K

44 matches found

RedhatCVE
RedhatCVE
added 2026/02/11 1:33 a.m.10 views

CVE-2026-25920

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap out-of-bounds read vulnerability exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check in AddCdicData only validates half the range that DecodeOne actually accesses. Opening a crafted .mobi file can read...

5.5CVSS5.5AI score0.00217EPSS
Exploits1References1
NVD
NVD
added 2026/02/09 10:16 p.m.11 views

CVE-2026-25920

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap out-of-bounds read vulnerability exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check in AddCdicData only validates half the range that DecodeOne actually accesses. Opening a crafted .mobi file can read...

5.5CVSS0.00217EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.9 views

PT-2026-7171

Name of the Vulnerable Software and Affected Versions SumatraPDF versions 3.5.2 and earlier Description A heap out-of-bounds read issue exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check within the AddCdicData function does not validate the complete range accessed by the DecodeOne...

5.5CVSS5.4AI score0.00217EPSS
Exploits1References7
NVD
NVD
added 2026/01/22 1:15 a.m.14 views

CVE-2026-23951

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

5.5CVSS0.00194EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/22 12:17 a.m.4 views

CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

5.5CVSS5.5AI score0.00194EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/22 12:17 a.m.5 views

CVE-2026-23951

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

5.5CVSS5.4AI score0.00194EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

sumatrapdf numerical error vulnerability

Sumatrapdf is an open-source PDF reader developed by SumatraPDF Reader. SumatraPDF has a digital error vulnerability; this vulnerability stems from handling specially crafted Mobi files, where a single mistake or integer underflow can lead to out-of-bounds heap access and application crashes...

5.5CVSS5.8AI score0.00194EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.11 views

PT-2026-3887

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

5.5CVSS5.5AI score0.00194EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3467

Malware in sbrugna...

6.5CVSS6.6AI score0.01434EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-3468

Malware in sbrugna...

6.5CVSS6.6AI score0.01434EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-3743

Malware in sbrugna...

8.8CVSS8.8AI score0.01551EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-3465

Malware in sbrugna...

6.5CVSS6.6AI score0.01434EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-3469

Malware in sbrugna...

8.8CVSS8.8AI score0.02666EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3745

Malware in sbrugna...

8.8CVSS8.8AI score0.02546EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34109

Malicious code in bioql PyPI...

6.5CVSS4.6AI score0.00795EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-11435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mobidecompresshuffmaninternal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure read access violation via a...

6.5CVSS6.6AI score0.01436EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-11724

The mobipk1decrypt function in encryption.c in Libmobi 0.3 allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted mobi file...

8.8CVSS7.6AI score0.01551EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.3 views

CVE-2022-29788

libmobi before v0.10 contains a NULL pointer dereference via the component mobibuffergetpointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted mobi file...

6.5CVSS6.1AI score0.00795EPSS
Exploits0References2
OSV
OSV
added 2022/06/02 2:15 p.m.2 views

DEBIAN-CVE-2022-29788

libmobi before v0.10 contains a NULL pointer dereference via the component mobibuffergetpointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted mobi file...

6.5CVSS4.9AI score0.00795EPSS
Exploits0References1
Prion
Prion
added 2022/06/02 2:15 p.m.11 views

Null pointer dereference

libmobi before v0.10 contains a NULL pointer dereference via the component mobibuffergetpointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted mobi file...

4.3CVSS6.2AI score0.00795EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder