Lucene search
K

302 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/15 12:0 a.m.15 views

RHEL 8 : ghostscript (RHSA-2024:4527)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4527 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats ...

8.8CVSS8.6AI score0.01425EPSS
Exploits0References4
Fedora
Fedora
added 2024/04/28 3:29 a.m.33 views

[SECURITY] Fedora 39 Update: python-reportlab-4.2.0-1.fc39

This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats...

9.8CVSS9.5AI score0.04452EPSS
Exploits0
Fedora
Fedora
added 2024/04/28 3:18 a.m.29 views

[SECURITY] Fedora 40 Update: python-reportlab-4.2.0-1.fc40

This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats...

9.8CVSS9.5AI score0.04452EPSS
Exploits0
Veracode
Veracode
added 2024/04/16 9:22 a.m.21 views

Cross-Site Scripting (XSS)

tecnickcom/tcpdf is vulnerable to Cross-Site Scripting. The vulnerability is due to insecure processing of HTML content inside PDF documents, which could result in Cross-Site Scripting...

6.1CVSS6.8AI score0.00582EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2024/04/03 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2024-bc7d40eb2e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2024/03/29 4:11 a.m.26 views

[SECURITY] Fedora 40 Update: php-tcpdf-6.7.4-1.fc40

PHP class for generating PDF documents. no external libraries are required for the basic functions; all standard page formats, custom page formats, custom margins and units of measure; UTF-8 Unicode and Right-To-Left languages; TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0...

7.4AI score
Exploits0
Veracode
Veracode
added 2024/03/11 5:53 a.m.16 views

Path Traversal

WeasyPrint is vulnerable to Path Traversal. The vulnerability is due to improper validation mechanisms in the urlfetcher function, which fails to restrict the inclusion of arbitrary local files and URLs in the generated PDF documents. This flaw allowing an attacker to include or traverse to files...

7.4CVSS6.5AI score0.00623EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2024/03/09 1:15 a.m.21 views

Design/Logic Flaw

WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. This vulnerability has been patched in...

6.5CVSS7.4AI score0.00623EPSS
Exploits0References2
OSV
OSV
added 2024/03/09 1:15 a.m.4 views

UBUNTU-CVE-2024-28184

WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. This vulnerability has been patched in...

7.4CVSS5.9AI score0.00623EPSS
Exploits0References5
Fedora
Fedora
added 2024/03/07 10:33 p.m.41 views

[SECURITY] Fedora 40 Update: pdftk-java-3.3.3-6.fc40

If PDF is electronic paper, then pdftk-java is an electronic staple-remover, hole-punch, binder, secret-decoder-ring, and X-Ray-glasses. PDFtk is a simple tool for doing everyday things with PDF documents: Merge PDF documents, split PDF pages into a new document, decrypt input as necessary passwo...

8.8CVSS8.9AI score0.02578EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2024/02/04 6:16 p.m.31 views

CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

9.8CVSS7.2AI score0.00879EPSS
Exploits0References2
NVD
NVD
added 2023/11/22 6:15 p.m.22 views

CVE-2023-47251

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...

6.5CVSS0.0173EPSS
Exploits2References5
Cvelist
Cvelist
added 2023/11/22 12:0 a.m.24 views

CVE-2023-47251

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...

6.6AI score0.0173EPSS
Exploits2References5
CVE
CVE
added 2023/11/22 12:0 a.m.53 views

CVE-2023-47251

CVE-2023-47251 affects mprivacy-tools before 2.0.406g (TightGate-Pro Server). A Directory Traversal in the VNC print function allows authenticated users with a VNC session to place malicious PDFs into the .spool directory and trigger the VNC service to transfer them to the connected VNC client’s ...

6.5CVSS6.3AI score0.0173EPSS
Exploits2References5Affected Software2
RedHat Linux
RedHat Linux
added 2023/11/07 10:7 a.m.30 views

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7.9AI score0.0468EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/10/17 2:2 p.m.24 views

Important: Red Hat Security Advisory: python-reportlab security update

An update for python-reportlab is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

9.8CVSS7.7AI score0.04452EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/10/17 1:55 p.m.24 views

Important: Red Hat Security Advisory: python-reportlab security update

An update for python-reportlab is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...

9.8CVSS7.7AI score0.04452EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/10/17 1:54 p.m.29 views

Important: Red Hat Security Advisory: python-reportlab security update

An update for python-reportlab is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

9.8CVSS7.7AI score0.04452EPSS
Exploits0References2
OSV
OSV
added 2023/10/17 12:0 a.m.30 views

ALSA-2023:5790 Important: python-reportlab security update

Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code execution CVE-2019-19450 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information...

9.8CVSS9.8AI score0.04452EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/06 12:0 a.m.6 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to the issue of operations occurring outside the buffer in memory. This allows attackers to gain unauthorized access to protected information.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the issue of operations going beyond the buffer in memory when processing embedded fonts. Exploiting thi...

5.5CVSS5.7AI score0.02379EPSS
Exploits0References6
Rows per page
Query Builder