152 matches found
DEBIAN-CVE-2023-1530
Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-0933
Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: Medium...
K25359902: BIG-IP AAM security vulnerability CVE-2019-6601
Security Advisory Description: The BIG-IP AAM wamd process used in the processing of images and PDFs fails to drop group permissions when executing helper scripts (CVE-2019-6601). Impact: This issue does not have a direct exploit, but may be used in unknown ways when targeting the BIG-IP AAM module...
SUSE CVE-2017-18184
An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iteraterc4 in QPDFencryption.cc...
SUSE CVE-2021-30860
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service (DoS) when supplied with a...
USN-5736-2 imagemagick vulnerabilities
USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu...
MGASA-2022-0386 Updated poppler packages fix security vulnerability
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
OESA-2022-1906 poppler security update
Poppler is a free software utility library for rendering Portable Document Format (PDF) documents. Its development is supported by freedesktop.org. It is commonly used on Linux systems, and is used by the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: Poppler...
SWFTools Buffer Error Vulnerability
SWFTools is a set of utilities for working with Adobe Flash files (SWF files) by the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that originates from a heap buffer overflow in DCTStream::reset in the /xpdf/Stream.cc file...
Adobe Acrobat and Adobe Reader Resource Management Error Vulnerability
Adobe Acrobat and Adobe Reader are products of the American company Adobe. Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is PDF document reading software. Adobe Acrobat and Adobe Reader have a resource management error...
Adobe Acrobat and Adobe Reader Resource Management Error Vulnerability
Adobe Acrobat and Adobe Reader are both products of Adobe Incorporated. Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is PDF document reading software. Adobe Acrobat and Adobe Reader have a resource management error vulnerability; the vulnerability...
Adobe Acrobat and Adobe Reader Buffer Error Vulnerability
Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is PDF document reading software. Several Adobe products have an uninitialized pointer access vulnerability, which arises from a use-after-free error when processing PDF files...
Adobe Acrobat Reader Buffer Error Vulnerability
Adobe Acrobat Reader is a PDF viewer from the American company Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat and Adobe Reader have a buffer overflow vulnerability, which stems from a use-after-free error when processing PDF files...
Multiple Adobe Products Buffer Error Vulnerability
Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs. Several Adobe products are vulnerable to an out-of-bounds read vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...
Multiple Adobe Products Buffer Error Vulnerability
Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs. Several Adobe products are vulnerable to an out-of-bounds read vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...
Multiple Adobe Products Buffer Error Vulnerability
Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs. Several Adobe products are vulnerable to an out-of-bounds read vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...
CVE-2021-39835
Adobe Framemaker versions 2019 Update 8 and earlier and 2020 Release Update 2 and earlier are affected by a use-after-free vulnerability in the processing of a malformed PDF file that could result in disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a...
OESA-2021-1148 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
Foxit PhantomPDF Buffer Error Vulnerability
Foxit PhantomPDF is a PDF document reader from the Chinese company Foxit. Foxit PhantomPDF suffers from an out-of-bounds read vulnerability when processing U3D objects in PDF files. The vulnerability is caused due to a lack of proper validation of user-supplied data, which could result in reading...