Lucene search
K

140 matches found

Cvelist
Cvelist
added 2024/11/13 3:20 p.m.16 views

CVE-2024-8049 Telerik Document Processing Improper Handling of Memory Resources

In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 2024.4.1106, importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable...

6.5CVSS0.00412EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.4 views

Progress Telerik Document Processing Libraries 安全漏洞

Progress Telerik Document Processing Libraries is a document processing library from Progress USA. A security vulnerability exists in versions of Progress Telerik Document Processing Libraries prior to 2024 Q4, which originates when importing a document with unsupported functionality can lead to...

6.5CVSS6.6AI score0.00412EPSS
Exploits0References3
NVD
NVD
added 2024/05/01 6:15 p.m.30 views

CVE-2024-29010

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity XXE injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions...

7.1CVSS6.8AI score0.00621EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/01 6:12 p.m.32 views

CVE-2024-29010

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity XXE injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions...

7.1CVSS7AI score0.00621EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/03/27 7:36 p.m.44 views

CVE-2024-23450

A flaw was found in elasticsearch. Trying to process a document in a deeply nested pipeline may cause the related ingest node to crash, resulting in a Denial of Service...

4.9CVSS6.8AI score0.00943EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/03/27 6:32 p.m.28 views

Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS6.6AI score0.00943EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/03/27 5:15 p.m.23 views

CVE-2024-23450

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS4.9AI score0.00943EPSS
Exploits0References3
OSV
OSV
added 2024/03/27 5:15 p.m.1 views

UBUNTU-CVE-2024-23450

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS6.7AI score0.00943EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/12 12:0 a.m.6 views

The vulnerability of the gdev_prn_open_printer_seekable() function in the interpreter for software that processes, transforms, and generates Ghostscript documents allows a attacker to cause a service failure.

The vulnerability of the gdevprnopenprinterseekable function in the interpreter for Ghostscript software, which is used for document processing, conversion, and generation, is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause...

7.8CVSS7.2AI score0.0153EPSS
Exploits0References10Affected Software5
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.7 views

PT-2023-30328 · Typo3 · Typo3/Html-Sanitizer

Name of the Vulnerable Software and Affected Versions: typo3/html-sanitizer versions prior to 1.5.3 typo3/html-sanitizer versions prior to 2.1.4 Description: The issue arises from incorrect handling of DOM processing instructions, allowing bypassing of the cross-site scripting mechanism of...

6.1CVSS5.9AI score0.00574EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.8 views

The vulnerability of the PyPDF2 library for processing PDF files, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the PyPDF2 library for processing PDF files relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.00573EPSS
Exploits1References9Affected Software3
OSV
OSV
added 2023/10/31 4:15 p.m.1 views

UBUNTU-CVE-2023-46250

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions 3.7.0 through 3.16.4 can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affec...

5.5CVSS7.2AI score0.00243EPSS
Exploits0References6
NVD
NVD
added 2023/10/19 5:15 p.m.39 views

CVE-2023-35126

An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, whic...

7.8CVSS7.9AI score0.00484EPSS
Exploits1References3
CVE
CVE
added 2023/10/19 4:2 p.m.53 views

CVE-2023-35126

CVE-2023-35126 affects JustSystems Ichitaro 2023 where the vulnerability resides in the parsing of the DocumentViewStyles and DocumentEditStyles streams (record type 0x2008). The root cause is an out-of-bounds index into a 6-element lv_objects array used during readStyleType(2008), which enables ...

7.8CVSS8AI score0.00484EPSS
Exploits1References3Affected Software19
OSV
OSV
added 2023/10/17 11:40 a.m.8 views

USN-6433-1 ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PDF documents. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...

8.8CVSS5.9AI score0.0468EPSS
Exploits0References2
Redos
Redos
added 2023/09/12 12:0 a.m.30 views

ROS-20230911-05

Vulnerability in the document processing, conversion and generation software suite Ghostscript exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by using t...

7.8CVSS7.2AI score0.03236EPSS
Exploits3
OSV
OSV
added 2023/09/02 11:5 a.m.6 views

OESA-2023-1561 poppler security update

poppler is a PDF rendering library. Security Fixes: Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.CVE-2020-23804 In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a...

7.5CVSS6.9AI score0.00959EPSS
Exploits5References6
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.6 views

The vulnerability of the PDF-XChange document viewing and editing program relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF-XChange PDF document viewing and editing program lies in the escape of operations from the buffer in memory during PDF file processing. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created link or a specially created fil...

7.8CVSS7.8AI score0.00571EPSS
Exploits0References5Affected Software1
Redos
Redos
added 2023/04/14 12:0 a.m.27 views

ROS-20230414-01

A vulnerability in the Ghostscript document processing toolkit is related to a buffer overflow in the BCPEncode, BCPDecode, TBCPEncode and TBCPDecode handlers. BCPEncode, BCPDecode, TBCPEncode and TBCPDecode handlers, in case when the write buffer is underfilled by one byte and then a shielded...

9.8CVSS9.3AI score0.06341EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.5 views

The vulnerability of the Ghostscript software for document processing, conversion, and generation, related to writing beyond buffer boundaries in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.06341EPSS
Exploits1References15Affected Software7
Rows per page
Query Builder