Lucene search
+L

4238 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-13962

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:39 p.m.25 views

CVE-2026-14108

CVE-2026-14108 is a use-after-free in PDFium underlying Google Chrome prior to 150.0.7871.47. The flaw allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted PDF file. Affected component: PDFium within Chrome; root cause: use-after-free vulnerability. Impact: ...

8.8CVSS6.2AI score0.00259EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.35 views

CVE-2026-56365 ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS0.00284EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/30 10:8 p.m.9 views

CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/29 5:50 p.m.7 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits1References12
NVD
NVD
added 2026/06/29 2:16 a.m.11 views

CVE-2026-13522

A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is...

5.3CVSS0.00293EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 1:15 a.m.20 views

CVE-2026-13522

Investintech SlimPDFReader up to version 2.0.14 is affected by an out-of-bounds read in SlimPDFReader.exe (PDF File Handler). The vulnerable component is the function Investintech::PCV::TeighaDo+0x25cde0 inside SlimPDFReader.exe. A manipulation can trigger the out-of-bounds read, and the issue ca...

5.3CVSS5.5AI score0.00293EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 9:4 p.m.2 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS7AI score0.00252EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 2:32 p.m.37 views

CVE-2026-57532

CVE-2026-57532 describes a vulnerability where malicious HTML content contained in the layout specification of a PDF ticket/badge layout is executed when the PDF editor is opened in a browser. This could allow one backend user to inject JavaScript into the browser context of another backend user....

8.8CVSS5.9AI score0.0033EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in mupdf

A integer overflow vulnerability exists in the 'pdf-image.c' file in Artifex’s MuPDF version 1.27.0. This vulnerability allows an attacker to create a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This enables a heap out-of-bounds write, which could be exploited...

7.8CVSS6.4AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted PDF file. Chromium security severity: High...

8.8CVSS7.9AI score0.00336EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 12:5 p.m.8 views

RLSA-2026:28233 Moderate: libpng security update

The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of servi...

7.6CVSS6.5AI score0.01052EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2026/06/24 12:0 a.m.6 views

Important: evince security update

The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files, and, with additional back-ends, also the Device Independent File format DVI files. Security Fixes: atril: evince: xreader: PDF /GoToR action argv...

8.4CVSS5.9AI score0.00529EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in PDF files in Google Chrome prior to version 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions through a crafted PDF file. Chromium security severity: Low...

6.5CVSS5.5AI score0.00147EPSS
Exploits0References3
CVE
CVE
added 2026/06/22 8:28 p.m.24 views

CVE-2026-49460

CVE-2026-49460 affects the Python PDF library pypdf . Prior to version 6.12.2 , processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2 . Impact, in line with the sources, is a denial of service-like slow...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/22 8:27 p.m.23 views

CVE-2026-49461

CVE-2026-49461 affects the Python PDF library pypdf . The vulnerability occurs before version 6.12.2 and lets an attacker craft a PDF whose page contains a form XObject with self-references, causing large memory usage during text extraction. Impact is memory-related and can affect systems process...

6.9CVSS5.8AI score0.00123EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 3:0 a.m.7 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/21 1:1 a.m.6 views

[SECURITY] Fedora 44 Update: mingw-SDL2_image-2.8.12-1.fc44

Simple DirectMedia Layer SDL2 is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL2 surfaces...

7.1CVSS5.9AI score0.00262EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/06/19 5:29 a.m.103 views

imagemagick-gs-delegate-hijack-poc

ImageMagick Ghostscript Delegate Search Path PoC This reposit...

5.8AI score
Exploits0
Rows per page
Query Builder