Lucene search
+L

302 matches found

NVD
NVD
added 2023/07/19 2:15 p.m.20 views

CVE-2023-28744

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary...

8.8CVSS8.9AI score0.00898EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/05/18 12:0 a.m.3 views

PT-2023-23765 · Apple · Ipados +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.5 iPadOS versions prior to 16.5 macOS Ventura versions prior to 13.4 Description: A denial-of-service issue was addressed with improved memory handling. This issue may lead to unexpected app termination when opening a...

5.5CVSS5.9AI score0.00233EPSS
Exploits0References7
OSV
OSV
added 2023/04/25 7:15 p.m.4 views

UBUNTU-CVE-2021-23203

Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF reports for arbitrary documents, via crafted requests...

7.5CVSS7.4AI score0.00875EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-1181

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a NULL pointer dereference...

4.3CVSS6.8AI score0.03803EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.2 views

SUSE CVE-2011-0226

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted...

9.3CVSS7.6AI score0.06646EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.3 views

SUSE CVE-2015-1295

Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/printwebviewhelper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC...

7.5CVSS9.8AI score0.01574EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.8 views

SUSE CVE-2016-8332

A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap...

7.8CVSS8.7AI score0.02563EPSS
Exploits2References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.5 views

SUSE CVE-2017-7382

The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

5.5CVSS9.1AI score0.01348EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.4 views

SUSE CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

6.5CVSS6.4AI score0.01612EPSS
Exploits1References3
Microsoft Secure
Microsoft Secure
added 2022/10/18 4:0 p.m.25 views

How Microsoft Purview and Priva help simplify data protection

At Microsoft Security, we understand how challenging it is to protect your most important asset, your data, in today’s threat landscape. You’re faced with evolving challenges—from empowering employees for greater productivity to eliminating gaps in your infrastructure—all while trying to protect...

0.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/18 4:0 p.m.42 views

How Microsoft Purview and Priva help simplify data protection

At Microsoft Security, we understand how challenging it is to protect your most important asset, your data, in today’s threat landscape. You’re faced with evolving challenges—from empowering employees for greater productivity to eliminating gaps in your infrastructure—all while trying to protect...

0.3AI score
Exploits0
CNNVD
CNNVD
added 2022/07/13 12:0 a.m.4 views

Adobe Acrobat和Adobe Reader 缓冲区错误漏洞

Adobe Acrobat and Adobe Reader are the United States of America Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is a set of PDF document reading software. Adobe Acrobat and Adobe Reader there are buffer overflow vulnerabilities, the...

7.8CVSS6.5AI score0.03264EPSS
Exploits0References5
Kitploit
Kitploit
added 2022/05/05 9:30 p.m.234 views

Malicious-Pdf - Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality

Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Usage pytho...

7.3AI score
Exploits0References6
The Hacker News
The Hacker News
added 2022/02/01 1:30 p.m.21 views

SolarMarker Malware Uses Novel Techniques to Persist on Hacked Systems

In a sign that threat actors continuously shift tactics and update their defensive measures, the operators of the SolarMarker information stealer and backdoor have been found leveraging stealthy Windows Registry tricks to establish long-term persistence on compromised systems. Cybersecurity firm...

0.3AI score
Exploits0
CNVD
CNVD
added 2022/01/25 12:0 a.m.36 views

Adobe Acrobat Reader Dc code problem vulnerability

Adobe Acrobat Reader Dc is a Pdf reading tool from Adobe USA. Used to reliably view, print and annotate Pdf documents. Adobe Acrobat Reader Dc has a code issue vulnerability that stems from a NULL pointer dereference error. A remote attacker could use the vulnerability to trick victims into openi...

5.5CVSS3.6AI score0.03629EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.39 views

Adobe Acrobat Reader Dc Input Validation Error Vulnerability

Adobe Acrobat Reader Dc is a Pdf reading tool from the American company Adobe. It is used to reliably view, print and annotate Pdf documents. Adobe Acrobat Reader Dc suffers from an input validation error vulnerability, which stems from inadequate validation of user-supplied input. A remote...

5.5CVSS3AI score0.02168EPSS
Exploits0References1
Fedora
Fedora
added 2021/10/29 11:27 p.m.26 views

[SECURITY] Fedora 35 Update: python-reportlab-3.6.2-1.fc35

This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats...

6.5CVSS2AI score0.01487EPSS
Exploits1
CNVD
CNVD
added 2021/10/15 12:0 a.m.8 views

Buffer Overflow Vulnerability in Multiple Foxit Products

Foxit PDF Reader is China Foxit Foxit company a PDF reader. A buffer overflow vulnerability exists in several Foxit products, which stems from a failure to properly determine memory boundaries when processing PDF files. A remote attacker could use this vulnerability to exploit specially crafted P...

7.8CVSS7.8AI score0.0068EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/12 12:0 a.m.19 views

Foxit Reader and Foxit PhantomPDF Buffer Overflow Vulnerability (CNVD-2021-66412)

Foxit Reader and Foxit PhantomPDF are both PDF document readers from Foxit, a Chinese company. Foxit Reader and PhantomPDF versions prior to 10.1.4 have a security vulnerability that could be exploited to corrupt memory during the conversion of PDF documents to a different document format...

7.5CVSS3.2AI score0.01087EPSS
Exploits0Affected Software2
OSV
OSV
added 2021/08/05 9:15 p.m.3 views

CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.4AI score0.04546EPSS
Exploits1References1
Rows per page
Query Builder