Lucene search
K

3085 matches found

OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-14404

Inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-14404

Inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. Chromium security severity: Medium...

6.5CVSS0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago20 views

CVE-2026-14404

Inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. Chromium security severity: Medium...

0.00161EPSS
Exploits0References2
CVE
CVE
added 2 days ago6 views

CVE-2026-14404

CVE-2026-14404 affects Google Chrome via an incorrect implementation in PDFium, enabling a remote attacker to achieve UI spoofing through a crafted PDF file. The vulnerability is tied to Chrome versions before 150.0.7871.46 (Chromium security severity: Medium). The underlying root cause is an ina...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References2Affected Software1
OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-14108

Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

8.8CVSS6.2AI score0.00259EPSS
Exploits0References1
Debian CVE
Debian CVE
added 3 days ago3 views

CVE-2026-14108

Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

8.8CVSS6.2AI score0.00259EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/24 8:39 p.m.8 views

CVE-2026-54651

A flaw was found in pypdf. An attacker can craft a malicious PDF file that, when merged with threads or articles into a writer, can lead to an an infinite loop. This vulnerability can result in a Denial of Service DoS condition, making the affected system unresponsive. Mitigation If PDF processin...

6.9CVSS5.8AI score0.00111EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: High...

8.8CVSS6.1AI score0.0025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-49460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 3:56 a.m.5 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.3 views

Amazon Linux 2023 : compat-poppler22, compat-poppler22-cpp (ALAS2023-2026-1851)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1851 advisory. A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in GhostScript

A buffer overflow vulnerability exists in the cljmediasize function in devices/gdevclj.c within Artifex Ghostscript 9.50. This vulnerability allows remote attackers to cause a denial of service or other unspecified impacts by opening crafted PDF documents...

7.8CVSS7.4AI score0.00707EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in qpdf

A issue was discovered in QPDF version 10.0.4, allowing remote attackers to execute arbitrary code via a crafted .pdf file, through the PlASCII85Decoder::write parameter in libqpdf...

5.3CVSS5.5AI score0.00503EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Poppler

A vulnerability was discovered in the freedesktop Poppler version 20.12.1. This vulnerability allows remote attackers to trigger a Denial-of-Service DoS attack through a crafted .pdf file, targeting the FoFiType1C::cvtGlyph function...

6.5CVSS7.2AI score0.00927EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file...

5.5CVSS6.6AI score0.01637EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file...

5.5CVSS6.6AI score0.01208EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in poppler, poppler-22

Poppler prior to and including version 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image may lead to a crash or the execution of arbitrary code. This is similar to the vulnerability...

7.8CVSS8.5AI score0.00574EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in imagemagick

An integer overflow issue was discovered in ImageMagick’s ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values that are outside the representable range for ‘unsigned char’. When ImageMagick processes a specially crafted PDF file, this...

5.5CVSS6.9AI score0.00365EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libpodofo

In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp, which may lead to a stack overflow. Remote attackers could exploit this vulnerability to cause a denial-of-service attack, or potentially cause other unspecified impacts...

8.8CVSS7.4AI score0.08458EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If a user opens a specially crafted PDF file, the PDF reader may be tricked into leaking cross-origin information, when such information is served as chunked data. This vulnerability affects Firefox versions earlier than 85, Thunderbird versions earlier than 78.7, and Firefox ESR versions earlier...

4.3CVSS6.5AI score0.01056EPSS
Exploits0References1
Rows per page
Query Builder