Lucene search
K

310 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.10 views

RHEL 9 : poppler (RHSA-2024:9167)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9167 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken...

7.5CVSS7.5AI score0.00785EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2024/11/12 12:0 a.m.17 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter CVE-2024-6239 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7.5CVSS6.5AI score0.00785EPSS
Exploits0References4
OSV
OSV
added 2024/10/08 6:15 p.m.2 views

UBUNTU-CVE-2024-25885

An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service ReDOS via supplying a crafted string...

7.5CVSS5.8AI score0.00807EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.25 views

RHEL 8 : poppler (RHSA-2024:5305)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5305 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken...

7.5CVSS7.5AI score0.00785EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2024/08/13 12:0 a.m.22 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter CVE-2024-6239 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7.5CVSS6.8AI score0.00785EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.8 views

PT-2024-6131 · Sap · Sap Bex Web Java Runtime Export Web Service

Name of the Vulnerable Software and Affected Versions: SAP BEx Web Java Runtime Export Web Service affected versions not specified Description: The issue is related to insufficient validation of an XML document accepted from an untrusted source in the SAP BEx Web Java Runtime Export Web Service...

8.5CVSS6.9AI score0.00537EPSS
Exploits0References10
Ubuntu
Ubuntu
added 2024/07/24 8:7 p.m.23 views

USN-6915-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain malformed PDF. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.00785EPSS
Exploits0
OSV
OSV
added 2024/05/29 4:25 a.m.8 views

USN-6779-2 firefox regressions

USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potential...

6.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.33 views

RHEL 8 : poppler (RHSA-2024:2979)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2979 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference i...

5.5CVSS6.6AI score0.00517EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/22 10:27 a.m.42 views

Moderate: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

5.5CVSS6.6AI score0.00517EPSS
Exploits1References4
OSV
OSV
added 2024/05/22 12:0 a.m.25 views

ALSA-2024:2979 Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

5.5CVSS6.1AI score0.00517EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/05/16 6:53 p.m.5 views

Mozilla: Arbitrary JavaScript execution in PDF.js

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...

8.8CVSS7.5AI score0.72648EPSS
Exploits15References6
Hewlett-Packard
Hewlett-Packard
added 2024/02/20 12:0 a.m.23 views

Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers - Potential Buffer Overflow, Potential Remote Code Execution

Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file. Update your printer firmware...

9.8CVSS8.2AI score0.01342EPSS
Exploits0
Fedora
Fedora
added 2023/12/06 1:46 a.m.36 views

[SECURITY] Fedora 38 Update: poppler-23.02.0-3.fc38

poppler is a PDF rendering library...

5.5CVSS7.3AI score0.00927EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/12/06 12:0 a.m.21 views

Fedora: Security Advisory for poppler (FEDORA-2023-6b20b7807a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00927EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/11/28 1:11 p.m.60 views

USN-6508-2: poppler regression

USN-6508-1 fixed vulnerabilities in poppler. The update introduced one minor regression in Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or a...

7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/23 2:47 a.m.405 views

USN-6508-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu...

7.5CVSS7AI score0.00959EPSS
Exploits5
Prion
Prion
added 2023/10/31 4:15 p.m.16 views

Remote code execution

Kimai is a web-based multi-user time-tracking application. Versions prior to 2.1.0 are vulnerable to a Server-Side Template Injection SSTI which can be escalated to Remote Code Execution RCE. The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the...

5.8CVSS7.3AI score0.01466EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2023/10/30 3:40 p.m.28 views

Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File

Description The laters version of Kimai is found to be vulnerable to a critical Server-Side Template Injection SSTI which can be escalated to Remote Code Execution RCE. The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the software's PDF and HTML...

7.2CVSS8.8AI score0.01466EPSS
Exploits1References4Affected Software1
Debian
Debian
added 2023/10/16 11:41 a.m.72 views

[SECURITY] [DLA 3620-1] poppler security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3620-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 16, 2023 https://wiki.debian.org/LTS -...

7.5CVSS8.1AI score0.00959EPSS
Exploits3
Rows per page
Query Builder