Lucene search
K

1795 matches found

OSV
OSV
added 2025/12/11 4:16 p.m.5 views

CVE-2025-55309

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change...

6.7CVSS5.8AI score0.00117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:16 a.m.9 views

CVE-2025-59788

A flaw was found in Nextcloud's PDF Portable Document Format viewer. This vulnerability allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted PDF file to viewer.html in the filespdfviewer example directory...

6.4CVSS6.9AI score0.00255EPSS
Exploits1References2
CVE
CVE
added 2025/12/11 12:0 a.m.23 views

CVE-2025-55308

Foxit PDF/Editor for Windows versions prior to 13.2 and the 2025 line prior to 2025.2 are affected by a use-after-free vulnerability. A crafted PDF with JavaScript that calls closeDoc() while internal objects are still in use can cause premature object release, leading to memory corruption and po...

6.7CVSS7.4AI score0.00119EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.31 views

CVE-2025-55309

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change...

0.00117EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/12/09 8:32 a.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/12/04 12:0 a.m.22 views

CVE-2025-59788

Cross-site scripting XSS vulnerability in a reachable filespdfviewer example directory in Nextcloud with versions before 22.2.10.33, 23.0.12.29, 24.0.12.28, 25.0.13.23, 26.0.13.20, 27.1.11.20, 28.0.14.11, 29.0.16.8, 30.0.17, 31.0.10, and 32.0.1 allows attackers to execute arbitrary JavaScript in...

6.4CVSS0.00255EPSS
Exploits1References3
OSV
OSV
added 2025/11/25 10:18 p.m.6 views

JLSEC-2025-256 In LibTIFF, there is a memory malloc failure in tif_pixarlog.c

In LibTIFF, there is a memory malloc failure in tifpixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack...

5.5CVSS6.8AI score0.01574EPSS
Exploits0References8
CVE
CVE
added 2025/11/18 12:0 a.m.12 views

CVE-2025-56526

CVE-2025-56526 concerns Kotaemon 0.11.0 and is described as a cross-site scripting (XSS) vulnerability. The issue allows an attacker to execute arbitrary code through a crafted PDF rendered by Kotaemon. The published descriptor includes a CVSS 3.1 base score of 6.1 (Medium) with network attack ve...

6.1CVSS6.3AI score0.0036EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/11/18 12:0 a.m.7 views

CVE-2025-56526

Cross site scripting XSS vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF...

6.1CVSS6.6AI score0.0036EPSS
Exploits1References7
OSV
OSV
added 2025/11/10 9:58 p.m.4 views

CVE-2025-64512 pdfminer.six vulnerable to Arbitrary Code Execution via Crafted PDF Input

Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in...

8.6CVSS7AI score0.00314EPSS
Exploits1References7
OSV
OSV
added 2025/11/07 12:30 p.m.3 views

OESA-2025-2622 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: An issue...

5.5CVSS5.7AI score0.00517EPSS
Exploits1References2
OSV
OSV
added 2025/10/31 2:55 p.m.3 views

SUSE-SU-2025:3898-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908...

2.9CVSS7AI score0.00124EPSS
Exploits0References3
OSV
OSV
added 2025/10/22 10:15 p.m.7 views

UBUNTU-CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

8.7CVSS7AI score0.00402EPSS
Exploits0References6
OSV
OSV
added 2025/10/17 5:40 p.m.6 views

JLSEC-2025-90 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a ...

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

7.5CVSS7.1AI score0.00559EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.5 views

SigningHub 安全漏洞

SigningHub is an electronic signature platform from SigningHub UK. A security vulnerability exists in SigningHub version v8.6.8, which stems from allowing the upload of specially crafted PDF files and could lead to the execution of arbitrary code...

9.8CVSS7.1AI score0.00571EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-2870

Malware in sbrugna...

6.8CVSS6.1AI score0.01235EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-18657

Malware in sbrugna...

7.8CVSS7.7AI score0.0275EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18543

Malware in sbrugna...

7.8CVSS7.7AI score0.02458EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-12730

Malware in sbrugna...

5.5CVSS5.6AI score0.01114EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18541

Malware in sbrugna...

7.8CVSS7.7AI score0.01785EPSS
Exploits1References6
Rows per page
Query Builder