Lucene search
K

147 matches found

OSV
OSV
added 2022/08/12 8:15 p.m.1 views

UBUNTU-CVE-2022-2624

Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file...

8.8CVSS7.5AI score0.00799EPSS
Exploits0References2
OSV
OSV
added 2022/07/27 10:15 p.m.2 views

DEBIAN-CVE-2022-1875

Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

4.3CVSS5.6AI score0.00668EPSS
Exploits0References1
OSV
OSV
added 2022/07/27 10:15 p.m.1 views

UBUNTU-CVE-2022-1875

Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

4.3CVSS7.3AI score0.00668EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/13 12:0 a.m.9 views

Adobe Acrobat和Adobe Reader 资源管理错误漏洞

Adobe Acrobat and Adobe Reader are the United States of America Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is a set of PDF document reading software. Adobe Acrobat and Adobe Reader there are resource management error...

7.8CVSS6.2AI score0.03363EPSS
Exploits0References6
Prion
Prion
added 2021/09/29 4:15 p.m.15 views

Stack overflow

Acrobat Reader DC versions 2021.005.20060 and earlier, 2020.004.30006 and earlier and 2017.011.30199 and earlier are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitati...

5.8CVSS6.4AI score0.02509EPSS
Exploits0References1Affected Software4
OSV
OSV
added 2021/09/15 5:15 p.m.4 views

CVE-2021-27046

A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files...

7.8CVSS6.2AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2021/09/08 2:15 p.m.2 views

CVE-2021-30786

A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution...

7CVSS7.3AI score0.00791EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2021/06/25 12:0 a.m.10 views

June 29, 2021—KB5004760 (OS Builds 19041.1082, 19042.1082, and 19043.1082) Out-of-band

June 29, 2021—KB5004760 OS Builds 19041.1082, 19042.1082, and 19043.1082 Out-of-band 6/21/21 IMPORTANT This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the machine. For more information, see the Update on Adobe Flash Player End of Support. 4/13/21...

6.6AI score
Exploits0
NVD
NVD
added 2021/05/07 9:15 p.m.22 views

CVE-2021-31447

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS0.02023EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2021/01/29 12:0 a.m.91 views

ImageMagick: Command injection

Background A collection of tools and libraries for many image formats. Description A flaw in ImageMagick’s handling of password protected PDFs was discovered. Impact A remote attacker could entice a user to open a specially crafted PDF using ImageMagick possibly resulting in execution of arbitrar...

7.8CVSS8.2AI score0.07508EPSS
Exploits1
OSV
OSV
added 2021/01/15 12:0 a.m.11 views

OSV-2018-245 Use-of-uninitialized-value in fz_keep_imp

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6837 Crash type: Use-of-uninitialized-value Crash state: fzkeepimp pdfcopypatterngstate pdfshowpattern...

7.2AI score
Exploits0References1
Veracode
Veracode
added 2020/12/06 3:7 a.m.26 views

Integer Overflow

Google Chrome is vulnerable to integer overflow. An attacker may perform out of bounds memory access via a crafted PDF file...

8.8CVSS5.3AI score0.01223EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2020/10/20 10:15 p.m.21 views

Cross site scripting

Adobe Illustrator version 24.2 and earlier is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This...

6.8CVSS7.8AI score0.04071EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/07/17 10:15 p.m.10 views

Heap overflow

DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

6.8CVSS8AI score0.0124EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/04/22 9:15 p.m.18 views

CVE-2020-10903

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS3.2AI score0.03405EPSS
Exploits0References2
NVD
NVD
added 2020/04/22 9:15 p.m.15 views

CVE-2020-10894

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS3.2AI score0.03311EPSS
Exploits0References2
Prion
Prion
added 2020/04/22 9:15 p.m.13 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS3.3AI score0.03405EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/04/22 8:50 p.m.22 views

CVE-2020-10894

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS3.3AI score0.03311EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2020/04/16 12:0 a.m.31 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.4AI score0.03311EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:20 a.m.36 views

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. The vulnerability exists in the handling of PDF files. An attacker could create a malicious PDF file that would cause CUPS to crash or potentially execute arbitrary code when printed...

9.3CVSS4.1AI score0.06408EPSS
Exploits1References93Affected Software4
Rows per page
Query Builder