CVE-2018-20249

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access...

CVE-2018-20247

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow...

CVE-2018-20248

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access...

[SECURITY] Fedora 27 Update: php-tcpdf-6.2.25-1.fc27

PHP class for generating PDF documents. no external libraries are required for the basic functions; all standard page formats, custom page formats, custom margins and units of measure; UTF-8 Unicode and Right-To-Left languages; TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0...

PT-2018-13869 · Tcpdf · Tcpdf

Name of the Vulnerable Software and Affected Versions: TCPDF versions prior to 6.2.22 Description: An issue allows attackers to trigger deserialization of arbitrary data via the phar:// wrapper. Recommendations: For versions prior to 6.2.22, update to version 6.2.22 or later to resolve the issue...

CVE-2018-8350

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10...

CVE-2018-8350

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10...

Remote code execution

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10...

CVE-2018-8350

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10...

Microsoft Windows PDF Remote Code Execution Vulnerability (CNVD-2018-17083)

Microsoft Windows 10 is a series of operating systems released by Microsoft.Microsoft Windows 10 is a set of operating systems for personal computers.Windows Server Version 1709 is a set of server operating systems.Windows PDF Library is one of the PDF libraries. Library is one of the PDF library...

Microsoft Windows Multiple Vulnerabilities (KB4343900)

This host is missing a critical security update according to Microsoft KB4343900 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4343885)

This host is missing a critical security update according to Microsoft KB4343885 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : poppler (openSUSE-2018-648)

This update for poppler fixes the following issues : These security issues were fixed : - CVE-2017-14517: Prevent NULL pointer dereference in the XRef::parseEntry function via a crafted PDF document bsc1059066. - CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that...

Microsoft Windows PDF Library JPEG2000 Parsing Out of Bounds Write (CVE-2017-0291)

An out-of-bounds write vulnerability exists in the JPEG2000 component of the PDF library in Microsoft Windows. The vulnerability is due to improper validation of embedded JPEG2000 streams...

PoDoFo 'PoDoFo::PdfTokenizer::GetNextToken()' function heap buffer overflow vulnerability

PoDoFo is an open source , written in C++ using the PDF file format library . PoDoFo 0.9.5 version of the PdfTokenizer.cpp file in the 'PoDoFo::PdfTokenizer::GetNextToken' function has a heap buffer overflow vulnerability. A remote attacker could exploit this vulnerability with a specially crafte...

Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

UBUNTU-CVE-2017-18184

An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iteraterc4 in QPDFencryption.cc...

UBUNTU-CVE-2015-9252

An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc...

Debian: Security Advisory (DLA-1074-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

iText PDF Library 7.0.2 / 5.5.11 / 2.0.8 XXE Injection Vulnerability

Exploit for java platform in category remote exploits Product: iText PDF Library Vendor: iText Group CVE ID: CVE-2017-9096 Subject: XML External Entity Attack XXE Risk: Medium Effect: Remotely exploitable Author: Benjamin Bruppacher Date: 2017-11-06 Introduction: ------------- iText is a software...