Lucene search
+L

302 matches found

cnvd
cnvd
added 2020/09/30 12:0 a.m.2 views

Foxit PhantomPDF Information Disclosure Vulnerability (CNVD-2020-62458)

PhantomPDF is a Chinese Foxit Foxit company for enterprise-level users of PDF document processing software. An information disclosure vulnerability exists in Foxit PhantomPDF's handling of U3D objects embedded in PDF files. The vulnerability stems from improper validation of user-supplied data. A...

4.3CVSS6.1AI score0.03113EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2020/06/17 12:0 a.m.5 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer limits in memory. Exploiting this vulnerability can...

10CVSS7.8AI score0.03504EPSS
Exploits0References5
nessus
nessus
added 2020/02/24 12:0 a.m.24 views

Debian DLA-2112-1 : python-reportlab security update

It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian 8 'Jessie', this problem has been fixed in version 3.1.8-3+deb8u2. We recommend that you upgrade...

9.8CVSS8AI score0.10231EPSS
Exploits1References3
openvas
openvas
added 2020/02/21 12:0 a.m.77 views

Debian: Security Advisory (DLA-2112-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.10231EPSS
Exploits1References3
debian
debian
added 2020/02/20 3:36 p.m.49 views

[SECURITY] [DLA 2112-1] python-reportlab security update

Package : python-reportlab Version : 3.1.8-3+deb8u2 CVE ID : CVE-2019-17626 Debian Bug : 942763 It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian ...

9.8CVSS9.5AI score0.10231EPSS
Exploits1
nessus
nessus
added 2020/01/30 12:0 a.m.25 views

CentOS 6 : python-reportlab (RHSA-2020:0197)

The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0197 advisory. - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color='...

9.8CVSS9.1AI score0.10231EPSS
Exploits1References2
nessus
nessus
added 2020/01/30 12:0 a.m.36 views

CentOS 7 : python-reportlab (RHSA-2020:0195)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0195 advisory. - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color='...

9.8CVSS9.1AI score0.10231EPSS
Exploits1References2
openvas
openvas
added 2020/01/29 12:0 a.m.28 views

CentOS: Security Advisory for python-reportlab (CESA-2020:0195)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.3AI score0.10231EPSS
Exploits1References2
openvas
openvas
added 2020/01/29 12:0 a.m.22 views

CentOS: Security Advisory for python-reportlab (CESA-2020:0197)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.3AI score0.10231EPSS
Exploits1References2
redhat
redhat
added 2020/01/24 5:54 a.m.31 views

Important: Red Hat Security Advisory: python-reportlab security update

An update for python-reportlab is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

9.8CVSS7.5AI score0.10231EPSS
Exploits1References2
nessus
nessus
added 2020/01/23 12:0 a.m.34 views

Oracle Linux 7 : python-reportlab (ELSA-2020-0195)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0195 advisory. 2.5-9.el77.1 - Do not eval strings passed to toColor - Resolves: 1788552 2.5-9 - Mass rebuild 2014-01-24 2.5-8 - Mass rebuild 2013-12-27 2.5-7 - Rebuilt for...

9.8CVSS8.2AI score0.10231EPSS
Exploits1References2
nessus
nessus
added 2020/01/23 12:0 a.m.36 views

Oracle Linux 8 : python-reportlab (ELSA-2020-0201)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-0201 advisory. 3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555 Tenable has...

9.8CVSS8.2AI score0.10231EPSS
Exploits1References2
cnvd
cnvd
added 2020/01/17 12:0 a.m.2 views

Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04107)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

8.8CVSS7.6AI score0.03107EPSS
Exploits1References1
cnvd
cnvd
added 2020/01/17 12:0 a.m.5 views

Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04097)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

8.8CVSS7.6AI score0.02422EPSS
Exploits1References1
openvas
openvas
added 2020/01/09 12:0 a.m.23 views

Fedora Update for pdfresurrect FEDORA-2019-b20614ff74

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.6AI score0.07078EPSS
Exploits5References2
cvelist
cvelist
added 2020/01/06 8:2 p.m.15 views

CVE-2019-16271

DTEN D5 and D7 before 1.3.2 devices allows remote attackers to read saved whiteboard image PDF documents via storage/emulated/0/Notes/PDF on TCP port 8080 without authentication...

5.4AI score0.01589EPSS
Exploits0References1
fedora
fedora
added 2019/09/09 8:7 a.m.45 views

[SECURITY] Fedora 29 Update: pdfbox-2.0.16-1.fc29

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

9.8CVSS2.4AI score0.09451EPSS
Exploits1
openvas
openvas
added 2019/09/07 12:0 a.m.26 views

Fedora Update for pdfresurrect FEDORA-2019-e01bc28777

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.6AI score
Exploits0References2
nessus
nessus
added 2019/08/30 12:0 a.m.35 views

CentOS 7 : ghostscript (CESA-2019:2281)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.3CVSS6.8AI score0.02582EPSS
Exploits0References2
cnvd
cnvd
added 2019/08/15 12:0 a.m.3 views

Adobe Acrobat and Reader Buffer Overflow Vulnerability (CNVD-2019-29261)

Adobe Acrobat and Reader are the United States Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Reader is a set of PDF document reading software. Adobe Acrobat and Reader has a buffer overflow vulnerability, an attacker can use the vulnerability ...

7.5CVSS7.2AI score0.03063EPSS
Exploits0References1
Rows per page
Query Builder