CVE-2026-5287

CVE-2026-5287 is a use-after-free vulnerability in the PDF handling of Google Chrome. The flaw allows remote code execution inside the browser sandbox via a crafted PDF file, affecting Chrome prior to version 146.0.7680.178 (reported as High severity). The core issue is in the PDF processing path...

PT-2025-52674

Name of the Vulnerable Software and Affected Versions Umbraco CMS version 16.3.3 Description An arbitrary file upload issue exists in Umbraco CMS version 16.3.3. Attackers can potentially execute arbitrary code by uploading a specially crafted PDF file. The supplier disputes responsibility, stati...

CVE-2025-56526

CVE-2025-56526 concerns Kotaemon 0.11.0 and is described as a cross-site scripting (XSS) vulnerability. The issue allows an attacker to execute arbitrary code through a crafted PDF rendered by Kotaemon. The published descriptor includes a CVSS 3.1 base score of 6.1 (Medium) with network attack ve...

SUSE CVE-2007-6725

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cfdecode2d function...

SUSE CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

SUSE CVE-2018-16648

In Artifex MuPDF 1.13.0, the fzappendbyte function in fitz/buffer.c allows remote attackers to cause a denial of service segmentation fault via a crafted pdf file. This is caused by a pdf/pdf-device.c pdfdevalpha array-index underflow...

多款Adobe产品缓冲区错误漏洞

Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs.Several Adobe products are vulnerable to an out-of-bounds reading vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...

多款Adobe产品缓冲区错误漏洞

Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs.Several Adobe products are vulnerable to an out-of-bounds read vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...

Adobe Acrobat and Reader 资源管理错误漏洞

Adobe Acrobat, a PDF file editing and conversion tool from Adobe, is vulnerable to a resource management error in Adobe Acrobat and Reader, which results from a post-release usage error when processing PDF files. A remote attacker could exploit the vulnerability to create a specially crafted PDF...

Adobe Acrobat Reader Dc 代码问题漏洞

Adobe Acrobat Reader Dc is a Pdf reading tool from Adobe USA. Used to reliably view, print and annotate Pdf documents. Adobe Acrobat Reader Dc has a code issue vulnerability that stems from a NULL pointer dereference error. A remote attacker could use the vulnerability to trick victims into openi...

多款Foxit产品资源管理错误漏洞

Foxit PhantomPDF and others are products of Foxit, a Chinese company.Foxit PhantomPDF is a PDF document reader.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A resource management error vulnerability exists in multiple Foxit models, which stems from a failure to properly...

PT-2021-2326 · Adobe · Acrobat Reader

Name of the Vulnerable Software and Affected Versions: Acrobat Reader DC versions 2020.013.20074 and earlier Acrobat Reader DC versions 2020.001.30018 and earlier Acrobat Reader DC versions 2017.011.30188 and earlier Description: The issue is related to a memory corruption vulnerability that can ...

USN-4646-1 poppler vulnerabilities

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service...

Buffer overflow vulnerability in multiple Apple products (CNVD-2020-65914)

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. tvOS is an operating system for smart TVs. A buffer overflow vulnerability exists in multiple Apple products, allowing remote attackers to exploit the vulnerability by submitting a...

CVE-2020-24409

Adobe Illustrator version 24.2 and earlier is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This...

DEBIAN-CVE-2020-16305

A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ALPINE-CVE-2020-16293

A null pointer dereference vulnerability in composegroupnonknockoutnonblendisolatedallmaskcommon in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

DEBIAN-CVE-2020-16295

A null pointer dereference vulnerability in cljmediasize in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

Foxit PDF Reader U3D Plugin's ci*** module suffers from an override read vulnerability

Foxit PDF Reader is an e-book reader. The ci module of the Foxit PDF Reader U3D plug-in has an override read vulnerability that can be exploited by an attacker to execute code in the current application context by constructing a special PDF file...

UBUNTU-CVE-2019-13290

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...