Lucene search
K

302 matches found

Fedora
Fedora
added 2021/06/24 4:53 p.m.59 views

[SECURITY] Fedora 34 Update: pdfbox-2.0.24-1.fc34

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

5.5CVSS2.4AI score0.03445EPSS
Exploits0
Fedora
Fedora
added 2021/06/24 4:46 p.m.59 views

[SECURITY] Fedora 33 Update: pdfbox-2.0.24-1.fc33

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

5.5CVSS2.4AI score0.03445EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/05/29 8:34 a.m.157 views

Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents

Cybersecurity researchers have disclosed two new attack techniques on certified PDF documents that could potentially enable an attacker to alter a document's visible content by displaying malicious content over the certified content without invalidating its signature. "The attack idea exploits the...

8.1CVSS7.1AI score0.10648EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/05/21 8:46 a.m.32 views

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware

Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...

1.4AI score
Exploits0
OSV
OSV
added 2021/05/07 9:15 p.m.1 views

CVE-2021-31463

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS4.9AI score0.02018EPSS
Exploits0References2
NVD
NVD
added 2021/05/07 9:15 p.m.29 views

CVE-2021-31468

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS0.02819EPSS
Exploits0References2
Prion
Prion
added 2021/05/07 9:15 p.m.20 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.7AI score0.02819EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/07 8:16 p.m.32 views

CVE-2021-31467

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS3.6AI score0.02018EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2021/05/07 12:0 a.m.45 views

Foxit Reader U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D...

7.8CVSS4AI score0.02819EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/05/07 12:0 a.m.41 views

Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

3.3CVSS2AI score0.02018EPSS
Exploits0References1
Fedora
Fedora
added 2021/03/30 2:31 p.m.55 views

[SECURITY] Fedora 33 Update: pdfbox-2.0.23-1.fc33

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

5.5CVSS2.4AI score0.03337EPSS
Exploits0
Fedora
Fedora
added 2021/03/30 2:30 p.m.52 views

[SECURITY] Fedora 32 Update: pdfbox-2.0.23-1.fc32

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

5.5CVSS2.4AI score0.03337EPSS
Exploits0
CNNVD
CNNVD
added 2021/03/22 12:0 a.m.6 views

Foxit PhantomPDF 缓冲区错误漏洞

Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. Foxit PhantomPDF suffers from an out-of-bounds write vulnerability when processing U3D objects in PDF files. The vulnerability stems from the program not properly validating user input. An attacker could exploit this...

7.8CVSS6AI score0.02491EPSS
Exploits0References4
OSV
OSV
added 2021/02/11 8:15 p.m.3 views

CVE-2021-21057

Acrobat Reader DC versions versions 2020.013.20074 and earlier, 2020.001.30018 and earlier and 2017.011.30188 and earlier are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve...

6.6CVSS7AI score0.01093EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/28 6:5 p.m.23 views

Security Bulletin: ViewONE is vulnerable to XXE attack when opening PDF documents

Summary ViewONE is vulnerable to XXE attack when opening PDF documents. Vulnerability Details CVEID: CVE-2018-1835 DESCRIPTION: IBM Daeja Virtual is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose...

7.1CVSS1.8AI score0.01853EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/10 12:0 a.m.24 views

Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-doc / etc (VZLSA-2019-3888)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7.4AI score0.03434EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/12/05 12:0 a.m.20 views

Fedora: Security Advisory for pdfresurrect (FEDORA-2020-e9f9bb77a0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.7AI score0.01046EPSS
Exploits1References2
Fedora
Fedora
added 2020/12/04 7:52 p.m.27 views

[SECURITY] Fedora 33 Update: pdfresurrect-0.21-1.fc33

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also...

7.8CVSS0.5AI score0.01046EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/12/02 12:0 a.m.34 views

Debian DLA-2475-1 : pdfresurrect security update

Vulnerabilities have been discovered in pdfresurrect, a tool for analyzing and manipulating revisions to PDF documents. CVE-2019-14934 pdfloadpageskids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write CVE-2020-20740 lack of header validation...

7.8CVSS7.1AI score0.01123EPSS
Exploits1References5
CNVD
CNVD
added 2020/09/30 12:0 a.m.2 views

Foxit PhantomPDF Remote Code Execution Vulnerability (CNVD-2020-62464)

PhantomPDF is a Chinese Foxit Foxit company for enterprise-level users of PDF document processing software. A remote code execution vulnerability exists in Foxit PhantomPDF's handling of U3D objects embedded in PDF files. The vulnerability stems from a failure to properly validate the length of...

7.8CVSS8.2AI score0.04175EPSS
Exploits0References1
Rows per page
Query Builder