EUVD-2021-28138

Malicious code in bioql PyPI...

HTMLDOC 1.9.13 - Stack Buffer Overflow

!/usr/bin/env python3 Exploit Title: HTMLDOC 1.9.13 - Stack Buffer Overflow Google Dork: N/A Date: 2025-08-26 Exploit Author: wulfgarpro Vendor Homepage: https://github.com/michaelrsweet/htmldoc Software Link: https://github.com/michaelrsweet/htmldoc/releases/tag/v1.9.13 Version: 256. Negative...

Advisory ROSA-SA-2025-2993

software: htmldoc 1.9.20 OS: ROSA-CHROME unaffected versions = htmldoc-1.9.20-1 affected versions htmldoc-1.9.20-1 CVE-ID: CVE-2024-45508 BDU-ID: 2025-04747 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the parseparagraph function of the ps-pdf.cxx component of the HTMLDOC document conversion...

Linux Distros Unpatched Vulnerability : CVE-2021-23180

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in fileextension,in file.c may lead to execute arbitrary code and denial of service...

Linux Distros Unpatched Vulnerability : CVE-2022-28085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdfwritenames in ps- pdf.cxx may lead to arbitrary code execution and Denial ...

CVE-2024-45508

HTMLDOC before 1.9.19 has an out-of-bounds write in parseparagraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node...

CVE-2024-46478

HTMLDOC v1.9.18 contains a buffer overflow in parsepre function,ps-pdf.cxx:5681...

The vulnerability of the parse_pre function in the ps-pdf.cxx component of the HTMLDOC document conversion tool allows a attacker to cause a service failure.

The vulnerability of the parsepre function in the ps-pdf.cxx component of the HTMLDOC conversion tool is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to cause service interruptions...

Linux Distros Unpatched Vulnerability : CVE-2022-0137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in imagesetmask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. CVE-2022-0137 Note that Ness...

Linux Distros Unpatched Vulnerability : CVE-2022-34035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via enode htmldoc/htmldoc/html.cxx:588. CVE-2022-34035 Note that Nessus relies on the presen...

openSUSE Security Advisory (openSUSE-SU-2024:0303-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the write_header() function in the htmldoc/html.cxx script of the HTMLDOC conversion tool allows a attacker to cause a service failure.

The vulnerability of the writeheader function in the htmldoc/html.cxx document, a tool for converting HTML DOC documents, is related to the escape operation going beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to cause a service failure...

The vulnerability of the pdf_write_names() function in the htmldoc/htmldoc.cxx script of the HTMLDOC conversion tool allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the pdfwritenames function in the htmldoc/htmldoc.cxx document, a tool for converting HTML DOC documents, is related to the escape operation going beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected...

The vulnerability of the e_node() function in the htmldoc/html.cxx script of the HTMLDOC conversion tool allows a perpetrator to cause a service failure.

The vulnerability of the enode function in the htmldoc/html.cxx document, a tool for converting HTML DOC documents, is related to the escape character being output outside of the buffer in memory. Exploiting this vulnerability allows an attacker to cause service interruptions...

Ubuntu: Security Advisory (USN-7225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : HTMLDOC vulnerabilities (USN-7225-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7225-1 advisory. It was discovered that HTMLDOC incorrectly handled memory in the imagesetmask,...

Ubuntu: Security Advisory (USN-7189-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : HTMLDOC vulnerabilities (USN-7189-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7189-1 advisory. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attack...

Mageia: Security Advisory (MGASA-2024-0353)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated htmldoc packages fix security vulnerabilities

HTMLDOC before 1.9.19 has an out-of-bounds write in parseparagraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. CVE-2024-45508 HTMLDOC v1.9.18 contains a buffer overflow in parsepre function,ps-pdf.cxx:5681. CVE-2024-46478...