Lucene search
+L

965 matches found

OSV
OSV
added 2026/06/01 5:16 p.m.14 views

UBUNTU-CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00252EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 3:33 p.m.59 views

CVE-2026-10118

CVE-2026-10118 – Poppler Splash backend integer overflow : The vulnerability affects Poppler’s Splash backend, in the tilingPatternFill path, where crafted PDFs can trigger an integer overflow that yields an undersized heap allocation, enabling an out-of-bounds write. This can lead to arbitrary c...

7.8CVSS6AI score0.00252EPSS
Exploits0References21
Cvelist
Cvelist
added 2026/06/01 3:33 p.m.42 views

CVE-2026-10118 Poppler: integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS0.00252EPSS
Exploits0References20
Vulnrichment
Vulnrichment
added 2026/06/01 3:33 p.m.14 views

CVE-2026-10118 Poppler: integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00252EPSS
Exploits0References20
ATTACKERKB
ATTACKERKB
added 2026/06/01 3:33 p.m.3 views

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2026/06/01 3:33 p.m.18 views

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00252EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/01 3:29 p.m.12 views

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00252EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/01 3:25 p.m.27 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the tilingPatternFill function. An attacker can execute arbitrary code, disclose sensitive information, or cause a denial of service by supplying a specially crafted PDF file to an application that...

8.4CVSS5.5AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Poppler 数字错误漏洞

Poppler is an open-source PDF rendering library developed by Poppler. Poppler has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the tilingPatternFill function within the Splash backend. As a result of this overflow, insufficient heap memo...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.15 views

PT-2026-45444

Name of the Vulnerable Software and Affected Versions Poppler affected versions not specified Description A flaw in the Splash backend allows a remote attacker to trigger an integer overflow in the tilingPatternFill function by using a specially crafted PDF file. This overflow causes an undersize...

7.8CVSS5.8AI score0.00252EPSS
Exploits0References59
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:5 a.m.10 views

net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo

...

5.5CVSS5.4AI score0.00128EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:6 a.m.9 views

bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()

...

5.5CVSS5.4AI score0.00115EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.37 views

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32245

In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...

5.9AI score0.00143EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.14 views

EUVD-2026-32233

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

5.8AI score0.00088EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.12 views

SUSE CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.9CVSS5.8AI score0.00115EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/05/27 12:24 p.m.48 views

CVE-2025-71312 fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

0.00137EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.15 views

CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

5.5CVSS6AI score0.00137EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.16 views

CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.5CVSS6.4AI score0.00115EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.10 views

CVE-2026-45961

In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...

5.5CVSS6AI score0.00143EPSS
Exploits0References2
Rows per page
Query Builder