Astra Linux – Vulnerability in GhostScript
A heap-based buffer overwrite vulnerability was discovered in the lp8000printpage function of GhostScript, located in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a specially crafted PDF file, triggering a heap buffer overflow that could lead to memory corruption...
SUSE CVE-2026-12460
Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. Chromium security severity: High...
CVE-2026-12460
Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. Chromium security severity: High...
PT-2026-49743
Name of the Vulnerable Software and Affected Versions: pypdf versions prior to 6.13.0. Description: A flaw in the pure-Python PDF library allows an attacker to craft a PDF that triggers an infinite loop. This occurs when merging a file containing outlines into a writer. Recommendations: Update to...
poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...
CVE-2026-49235
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...
EUVD-2026-35065
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...
PT-2026-47496
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.103. Description: A use after free issue exists in the PDF component, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted PDF file. Use after free is a...
PT-2026-47304
Name of the Vulnerable Software and Affected Versions: Routinator, affected versions not specified. Description: Routinator crashes when it encounters a file via RRDP (Router Role Distribution Protocol) that uses a specifically crafted Document Type Definition (DTD), which is a set of markup declarations...
EUVD-2026-34765
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: Low...
EUVD-2026-34766
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
EUVD-2026-34764
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
EUVD-2026-34767
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11306
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11307
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11303
Concisely: Affects Google Chrome (PDFium) with a use-after-free in PDFium when handling crafted PDFs, enabling remote code execution inside the sandbox. Vulnerable in Chrome versions prior to 149.0.7827.53; mitigation is to upgrade to 149.0.7827.53 or later. No exploitation/weaponization details ...
CVE-2026-11169
Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted XML file. Chromium security severity: Medium...
PT-2026-46831
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: A use after free issue in PDFium allows a remote attacker to potentially exploit heap corruption through a crafted PDF file. Use after free is a memory corruption flaw that occurs when ...
DEBIAN-CVE-2026-10002
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...