310 matches found
RHEL 9 : poppler (RHSA-2024:9167)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9167 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken...
Moderate: poppler security update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter CVE-2024-6239 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
UBUNTU-CVE-2024-25885
An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service ReDOS via supplying a crafted string...
RHEL 8 : poppler (RHSA-2024:5305)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5305 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken...
Moderate: poppler security update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter CVE-2024-6239 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
PT-2024-6131 · Sap · Sap Bex Web Java Runtime Export Web Service
Name of the Vulnerable Software and Affected Versions: SAP BEx Web Java Runtime Export Web Service affected versions not specified Description: The issue is related to insufficient validation of an XML document accepted from an untrusted source in the SAP BEx Web Java Runtime Export Web Service...
USN-6915-1: poppler vulnerability
It was discovered that poppler incorrectly handled certain malformed PDF. An attacker could possibly use this issue to cause a denial of service...
USN-6779-2 firefox regressions
USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potential...
RHEL 8 : poppler (RHSA-2024:2979)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2979 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference i...
Moderate: Red Hat Security Advisory: poppler security update
An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2024:2979 Moderate: poppler security update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers - Potential Buffer Overflow, Potential Remote Code Execution
Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file. Update your printer firmware...
[SECURITY] Fedora 38 Update: poppler-23.02.0-3.fc38
poppler is a PDF rendering library...
Fedora: Security Advisory for poppler (FEDORA-2023-6b20b7807a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6508-2: poppler regression
USN-6508-1 fixed vulnerabilities in poppler. The update introduced one minor regression in Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or a...
USN-6508-1: poppler vulnerabilities
It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu...
Remote code execution
Kimai is a web-based multi-user time-tracking application. Versions prior to 2.1.0 are vulnerable to a Server-Side Template Injection SSTI which can be escalated to Remote Code Execution RCE. The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the...
Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File
Description The laters version of Kimai is found to be vulnerable to a critical Server-Side Template Injection SSTI which can be escalated to Remote Code Execution RCE. The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the software's PDF and HTML...
[SECURITY] [DLA 3620-1] poppler security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3620-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 16, 2023 https://wiki.debian.org/LTS -...