Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

263 matches found

Tenable Nessus
Tenable Nessusadded 2 days ago2 views

Linux Distros Unpatched Vulnerability : CVE-2026-10118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers ...

7.8CVSS6.1AI score0.00065EPSS
Exploits0References4
NVD
NVDadded 3 days ago9 views

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS0.00065EPSS
Exploits0References3
OSV
OSVadded 3 days ago1 views

DEBIAN-CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00065EPSS
Exploits0References1
OSV
OSVadded 3 days ago2 views

UBUNTU-CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00065EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 3 days ago6 views

CVE-2026-10118 Poppler: integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00065EPSS
Exploits0References3
CVE
CVEadded 3 days ago14 views

CVE-2026-10118

CVE-2026-10118 – Poppler Splash backend integer overflow : The vulnerability affects Poppler’s Splash backend, in the tilingPatternFill path, where crafted PDFs can trigger an integer overflow that yields an undersized heap allocation, enabling an out-of-bounds write. This can lead to arbitrary c...

7.8CVSS6AI score0.00065EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago7 views

EUVD-2026-33694

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00065EPSS
Exploits0References3
Debian CVE
Debian CVEadded 3 days ago8 views

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00065EPSS
Exploits0
Cvelist
Cvelistadded 3 days ago22 views

CVE-2026-10118 Poppler: integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS0.00065EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 3 days ago9 views

PT-2026-45444

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6AI score0.00065EPSS
Exploits0References4
CNNVD
CNNVDadded 3 days ago5 views

Poppler input validation vulnerability

Poppler is an open-source PDF rendering library developed by Poppler. Poppler has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the tilingPatternFill function within the Splash backend. As a result of this overflow, insufficient heap memo...

7.8CVSS6.1AI score0.00065EPSS
Exploits0References3
OSV
OSVadded 2026/05/18 12:15 a.m.3 views

OSV-2024-1464 Use-of-uninitialized-value in Splash::compositeBackground

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513891492 Crash type: Use-of-uninitialized-value Crash state: Splash::compositeBackground SplashOutputDev::setSoftMask Gfx::doSoftMask...

5.8AI score
Exploits0References1
Fedora
Fedoraadded 2026/04/16 11:42 p.m.5 views

[SECURITY] Fedora 44 Update: plymouth-kcm-6.6.4-1.fc44

This is a System Settings configuration module for configuring the plymouth splash screen...

5.8AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/01/09 8:54 a.m.4 views

CVE-2021-41124

Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication will have any non-Splash request expose your credentials to the request target. This includ...

7.5CVSS7AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/16 4:57 a.m.1 views

CVE-2025-14702

A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown function of the component be.smartschool.mobile.SplashActivity. Executing manipulation can lead to path traversal. The attack requires local access. The exploit has been published and may be used. The...

4.8CVSS5.9AI score0.00017EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/15 3:32 a.m.2 views

EUVD-2025-203328

A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown function of the component be.smartschool.mobile.SplashActivity. Executing manipulation can lead to path traversal. The attack requires local access. The exploit has been published and may be used. The...

4.8CVSS5.5AI score0.00017EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/12/15 3:32 a.m.24 views

CVE-2025-14702 Smartbit CommV Smartschool App be.smartschool.mobile.SplashActivity path traversal

A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown function of the component be.smartschool.mobile.SplashActivity. Executing manipulation can lead to path traversal. The attack requires local access. The exploit has been published and may be used. The...

4.8CVSS0.00017EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/12/15 3:32 a.m.1 views

CVE-2025-14702 Smartbit CommV Smartschool App be.smartschool.mobile.SplashActivity path traversal

A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown function of the component be.smartschool.mobile.SplashActivity. Executing manipulation can lead to path traversal. The attack requires local access. The exploit has been published and may be used. The...

4.8CVSS4.5AI score0.00017EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/12/15 12:0 a.m.2 views

PT-2025-51189

A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown function of the component be.smartschool.mobile.SplashActivity. Executing manipulation can lead to path traversal. The attack requires local access. The exploit has been published and may be used. The...

4.8CVSS5.9AI score0.00017EPSS
Exploits0References5
CNNVD
CNNVDadded 2025/12/15 12:0 a.m.1 views

Smartbit CommV Smartschool App 路径遍历漏洞

Smartbit CommV Smartschool App is a school management software from the Belgian company Smartbit CommV. A path traversal vulnerability exists in Smartbit CommV Smartschool App version 10.4.4 and earlier, which stems from a path traversal issue in the component be.smartschool.mobile.SplashActivity...

4.8CVSS5AI score0.00017EPSS
Exploits0References4
Rows per page
Query Builder