36169 matches found
CVE-2026-5942
Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program...
CVE-2026-5943 Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
CVE-2026-5943
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
EUVD-2026-25829
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
CVE-2026-5943 Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
CVE-2026-5939
A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution...
firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...
firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...
xss
CSS Style Sheet Mutation alert"This is a test" alert"...
PT-2026-35400
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
com.alibaba.cloud.ai:document-parser-apache-pdfbox (>=1.0.0-M5.1 <=1.0.0-M6.1), com.alibaba.cloud.ai:document-parser-bibtex (>=1.0.0-M5.1 <=1.0.0-M6.1) +19 more potentially affected by CVE-2026-40980 via org.springframework.ai:spring-ai-pdf-document-reader (>=1.0.0-M5 <=1.0.1)
org.springframework.ai:spring-ai-pdf-document-reader MAVEN version =1.0.0-M5, =1.0.0-M5.1, =1.0.0-M5.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.6 - com.chinagoods.framework.thinkc...
PT-2026-35405
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
PT-2026-35523
🚨 New zero-day in pimcore | Detected by our AI SAST scanner and disclosed by Oscar Naveda. As a CNA, we assigned the ID CVE-2026-5362. Details: 🔗 https://t.co/iZiXYRAAcM. We have announced 232 CVEs to this date: 🔗 https://t.co/fgMrQcycLm https://t.co/gFxbxDglVo...
SQL Injection
Overview org.springframework.ai:spring-ai-azure-cosmos-db-store is a Spring AI Vector Store for Azure Cosmos DB Affected versions of this package are vulnerable to SQL Injection via document ID handling in CosmosDBVectorStore. An attacker can execute arbitrary SQL queries by supplying crafted...
Foxit PDF Editor < 13.2.4 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.2.4. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element relationships an...
CVE-2018-25279
jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert...
CVE-2018-25279 jiNa OCR Image to Text 1.0 Denial of Service via PNG
jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert...
EUVD-2018-21799
jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert...
secops-ai-threat-analyzer
🛡️ SecOpsAI: Threat Analysis & Adaptive Security Engine An e...
MINI-FWXQ-V3J2-HGFJ
Bulletin has no description...