20 matches found
EUVD-2022-29264
Malicious code in bioql PyPI...
openSUSE: Security Advisory for poppler (SUSE-SU-2023:3292-1)
The remote host is missing an update for the...
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:3399-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3399-1 advisory. - In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by...
SUSE-SU-2023:3399-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache. bsc1150039...
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:3303-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3303-1 advisory. - In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by...
SUSE-SU-2023:3303-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache. bsc1150039...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:3292-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3292-1 advisory. - In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in...
SUSE-SU-2023:3292-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache. bsc1150039...
openSUSE 15 Security Update : poppler (SUSE-SU-2023:3241-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3241-1 advisory. - In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColo...
SUSE-SU-2023:3241-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache. bsc1150039...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-24368
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2020-16115
CVE-2020-16115 is rejected/not used per the description; this entry does not represent an active vulnerability.
CVE-2019-16115
CVE-2019-16115 affects poppler/xpdf 4.01.01, where a stack-based buffer under-read in IdentityFunction::transform (Function.cc) can be triggered by crafted PDFs (e.g., via pdftoppm). Impact per the primary record includes Denial of Service and possible unspecified effects, with CVSS scores: v2 ba...
ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1) +1141 more potentially affected by CVE-2018-16115 via com.typesafe.akka:akka-actor_2.12 (>=2.5.0 <=2.5.15)
com.typesafe.akka:akka-actor_2.12 MAVEN version =2.5.0, =0.3.0, =0.5, =0.2.0, =0.1.0, =0.1.0, =0.14.0, =0.17.0 and more Source cves: CVE-2018-16115 Source advisory: OSV:GHSA-MR95-9RR4-668F...
be.venneborg:play26-refined_2.11 (>=0.2.0 <=0.3.0), be.venneborg:play27-refined_2.11 (=0.3.0) +573 more potentially affected by CVE-2018-16115 via com.typesafe.akka:akka-actor_2.11 (>=2.5.0 <=2.5.15)
com.typesafe.akka:akka-actor_2.11 MAVEN version =2.5.0, =0.2.0, =0.1.1, =1.4-P26-B3, =1.4-P26-B4 - com.andrewgapic:spark-streaming-twitch =1.0.0 and more Source cves: CVE-2018-16115 Source advisory: OSV:GHSA-MR95-9RR4-668F...
7digital-api (>=0.2.1 <=0.5.0-alpha1), @abbott-platform/abbott-framework (>=1.6.1 <=1.6.7) +2456 more potentially affected by CVE-2017-16115 via timespan (>=2.0.1 <=2.3.0)
timespan NPM version =2.0.1, =0.2.1, =1.6.1, =0.2.0-beta.6.2, =1.0.7, =0.0.1, =0.0.1, =1.0.0-rc2, =1.1.29, =1.1.0-RC.1, =1.1.0-beta.5 - @akarui/aoi.db =2.2.1 - @aksigndata/validation-lib =1.0.13 - @alu0101216829/constant-folding =1.0.0 and more Source cves: CVE-2017-16115 Source advisory:...
CVE-2018-16115
CVE-2018-16115 affects Lightbend Akka 2.5.x prior to 2.5.16, where an RNG bug in AES128CounterSecureRNG/AES256CounterSecureRNG used in Akka Remoting (TLS for classic and Artery) can cause repeated random numbers. This enables an attacker to eavesdrop, replay, or modify messages in Akka Remoting/C...
CVE-2017-16115
The timespan module (JavaScript implementation) is vulnerable to a Regular Expression Denial of Service (ReDoS) when parsing dates. A crafted 50k-character input can block the event loop for about 10 seconds in affected versions of the timespan package. The documentation notes no direct p...