15 matches found
EUVD-2026-42203
The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application...
PT-2026-56340
Name of the Vulnerable Software and Affected Versions Foxit PDF Editor/Reader affected versions not specified Description An issue occurs when the application opens a PDF and JavaScript performs operations on the page and document. This causes page-related objects to lose synchronization, while t...
CVE-2021-31804
LeoCAD before 21.03 sometimes allows a use-after-free during the opening of a new document...
CVE-2021-21797
An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lea...
libreoffice: Empty entry in Java class path
A flaw was found in LibreOffice. When an empty Java class path entry is configured, LibreOffice will search for Java classes in the current working directory, allowing malicious Java classes to load when opening a document using the file manager, resulting in arbitrary code execution...
SUSE CVE-2018-12392
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
Description of the security update for SharePoint Enterprise Server 2016: January 11, 2022 (KB5002113)
None None...
Double free
LeoCAD before 21.03 sometimes allows a use-after-free during the opening of a new document...
CVE-2021-31804
LeoCAD before 21.03 sometimes allows a use-after-free during the opening of a new document...
CVE-2018-4040
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...
Mozilla: Crash with nested event loops
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
CVE-2018-12392
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
CVE-2018-3978
An exploitable out-of-bounds write vulnerability exists in the Word Document parser of the Atlantis Word Processor 3.0.2.3, 3.0.2.5. A specially crafted document can cause Atlantis to write a value outside the bounds of a heap allocation, resulting in a buffer overflow. An attacker must convince ...
VMware Host Guest Client Redirector - DLL Side Loading (Metasploit)
require 'msf/core' class MetasploitModule 'DLL Side Loading Vulnerability in VMware Host Guest Client Redirector', 'Description' = %q A DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim...
VMSA-2016-0010:VMware product updates address multiple HIGH security issues
VMSA-2016-0010.1 VMware product updates address multiple important security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0010.1 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware product updates address multiple security issue...