CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Krebs on Security•added 2018/12/11 9:5 p.m.•283 views

Patch Tuesday, December 2018 Edition

Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software. Microsoft's December patch batch is relatively light, addressing more than three dozen vulnerabilities in Windows and related applications. Adobe has issued security fixes for its Acrobat and...

9.3CVSS0.6AI score0.78404EPSS

Exploits5

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2018-26097)

Kingsoft PDF Reader is a compact and stable PDF reading tool. Kingsoft PDF Reader has a denial of service vulnerability that can be exploited by attackers to cause a denial of service by constructing a specific pdf file...

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2018-26092)

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2018-26090)

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2018-26096)

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2018-26095)

Kingsoft PDF Reader Information Disclosure Vulnerability

Kingsoft PDF Reader is a compact and stable PDF reading tool. Kingsoft PDF Reader has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information by constructing specific pdf files...

6.2AI score

Talos Blog•added 2018/10/30 11:13 a.m.•16 views

Talos Vulnerability Discovery Year in Review - 2018

Introduction Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they can create patches and protect their customers as soon as possible. We...

CNVD•added 2018/10/22 12:0 a.m.•2 views

Xpdf 'CCITTFaxStream::readRow()' function stack buffer overflow vulnerability

Xpdf is Foo Labs developed an open source PDF reader , it supports decoding LZW compressed format files and read encrypted PDF files . A stack buffer overflow vulnerability exists in the 'CCITTFaxStream::readRow' function in the Stream.cc file in Xpdf version 4.00. A remote attacker can exploit...

5.5CVSS9.3AI score0.00526EPSS

CNVD•added 2018/10/22 12:0 a.m.•2 views

Xpdf 'DCTStream::getBlock' function out-of-bounds read vulnerability

Xpdf is an open source PDF reader developed by Foo Labs, which supports decoding LZW compressed format files and reading encrypted PDF files. Xpdf 4.00 version of the Stream.cc file in the 'DCTStream::getBlock' function has an out-of-bounds read vulnerability. A remote attacker can exploit this...

5.5CVSS6.8AI score0.00215EPSS

CNVD•added 2018/10/12 12:0 a.m.•1 views

Adobe Acrobat and Reader Buffer Overflow Vulnerability (CNVD-2019-05308)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader buffer overflow vulnerability exists. Remote attackers can explo...

9.3CVSS7.9AI score0.03278EPSS

CNVD•added 2018/10/12 12:0 a.m.•1 views

Denial of Service Vulnerability in Kingsoft Office PDF Reader (CNVD-2018-22133)

Kingsoft Office PDF Reader is a compact and stable PDF reading tool. Kingsoft Office PDF Reader has a denial of service vulnerability that can be exploited by attackers to cause a denial of service by constructing a specific pdf file...

CNVD•added 2018/10/12 12:0 a.m.•1 views

Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability (CNVD-2018-21095)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader security vulnerabilities exist. Remote attackers can exploit the...

9.3CVSS7.8AI score0.06191EPSS

CNVD•added 2018/10/12 12:0 a.m.•0 views

Adobe Acrobat and Reader Type Obfuscation Vulnerability (CNVD-2018-21089)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader in the existence of type confusion vulnerability. A remote...

9.3CVSS7.6AI score0.03949EPSS

CNVD•added 2018/10/10 12:0 a.m.•1 views

Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20707)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A remote code execution vulnerability exists in the JavaScript engine in Foxit PDF Reader 9.2.0.9297 and earlier versions. A remote attacker could...

8.8CVSS7.9AI score0.00709EPSS

Exploits1References1

CNVD•added 2018/10/10 12:0 a.m.•1 views

Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20721)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A remote code execution vulnerability exists in the way the JavaScript engine in Foxit PDF Reader handles Optional Content Groups. A remote attacker...

8.8CVSS7.9AI score0.00709EPSS

Exploits1References1

CNVD•added 2018/10/10 12:0 a.m.•3 views

Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20719)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A remote code execution vulnerability exists in the JavaScript engine in Foxit PDF Reader. A remote attacker can exploit this vulnerability to execut...

8.8CVSS8AI score0.00709EPSS