Lucene search
+L

10526 matches found

redhat
redhat
added 2026/06/30 6:58 a.m.10 views

Important: Red Hat Security Advisory: evince security update

An update for evince is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.4CVSS5.8AI score0.00529EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.7 views

PT-2026-54238

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient data validation in the PDF component allows a remote attacker who has already compromised the renderer process to bypass navigation restrictions by using a specially crafte...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
nvd
nvd
added 2026/06/29 6:16 p.m.13 views

CVE-2026-57957

Papermark through 0.22.0 contains a cross-origin resource sharing CORS misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with...

4.7CVSS0.0025EPSS
Exploits0References3
redhat
redhat
added 2026/06/29 5:50 p.m.9 views

Important: Red Hat Security Advisory: evince security update

An update for evince is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.4CVSS5.8AI score0.00529EPSS
Exploits1References2
cve
cve
added 2026/06/29 5:23 p.m.19 views

CVE-2026-57957

Summary (CVE-2026-57957): Papermark up to version 0.22.0 has a CORS misconfiguration in the TUS-based viewer upload endpoint. This flaw reflects arbitrary request Origins with Access-Control-Allow-Credentials set to true, enabling unauthenticated remote attackers to perform credentialed cross-ori...

4.7CVSS6AI score0.0025EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/29 5:23 p.m.40 views

CVE-2026-57957 Papermark 0.22.0 - CORS Misconfiguration in Viewer Upload Endpoint

Papermark through 0.22.0 contains a cross-origin resource sharing CORS misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with...

4.7CVSS0.0025EPSS
Exploits0References3
osv
osv
added 2026/06/29 5:23 p.m.5 views

CVE-2026-57957 Papermark 0.22.0 - CORS Misconfiguration in Viewer Upload Endpoint

Papermark through 0.22.0 contains a cross-origin resource sharing CORS misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with...

2.3CVSS6.1AI score0.0025EPSS
Exploits0References6
euvd
euvd
added 2026/06/26 3:32 p.m.6 views

EUVD-2026-39773

An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Service DoS via supplying a crafted PSD file...

7.5CVSS6.2AI score0.00571EPSS
Exploits0References3
euvd
euvd
added 2026/06/26 3:32 p.m.12 views

EUVD-2026-39772

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 JP2 file...

6.5CVSS6.2AI score0.00465EPSS
Exploits0References3
nvd
nvd
added 2026/06/26 3:16 p.m.7 views

CVE-2026-57647

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS0.00259EPSS
Exploits0References1
nvd
nvd
added 2026/06/26 3:16 p.m.9 views

CVE-2026-30041

An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Service DoS via supplying a crafted PSD file...

7.5CVSS0.00571EPSS
Exploits0References2
nvd
nvd
added 2026/06/26 3:16 p.m.7 views

CVE-2026-30040

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 JP2 file...

6.5CVSS0.00465EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/26 2:53 p.m.9 views

CVE-2026-57647

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References2
cve
cve
added 2026/06/26 2:53 p.m.16 views

CVE-2026-57647

CVE-2026-57647 concerns the WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin, affected in versions

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/26 2:53 p.m.33 views

CVE-2026-57647 WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS0.00259EPSS
Exploits0References1
euvd
euvd
added 2026/06/26 2:53 p.m.9 views

EUVD-2026-39762

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
patchstack
patchstack
added 2026/06/26 1:14 p.m.5 views

WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by endy in WordPress Plugin Panorama Viewer – 360 Degree Image + Video Viewer versions = 1.6.1...

7.5CVSS5.8AI score0.00259EPSS
Exploits0Affected Software1
osv
osv
added 2026/06/26 8:42 a.m.6 views

BIT-GRAFANA-2026-10601 Path traversal in the Tempo and Loki data source plugins

A user with Viewer permissions can use specially crafted requests to the Tempo and Loki data source plugins to reach unintended backend endpoints. Depending on the backend configuration this can expose data source credentials, leak internal responses, or trigger administrative actions on the...

5.4CVSS6.1AI score0.00258EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/26 12:0 a.m.33 views

CVE-2026-30041

An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Service DoS via supplying a crafted PSD file...

0.00571EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/26 12:0 a.m.34 views

CVE-2026-30040

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 JP2 file...

0.00465EPSS
Exploits0References2
Rows per page
Query Builder