Lucene search
K

490 matches found

OSV
OSV
added 2023/03/29 7:15 p.m.3 views

CVE-2022-37371

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.2AI score0.0077EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.3 views

PT-2023-19521 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor version 9.3 Description: A potential memory issue due to insufficient input validation in PDFXEditCore.x64.dll may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large...

7.8CVSS7.7AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/22 12:0 a.m.4 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser from Google Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 110.0.5481.177 that stems from an integer overflow issue in PDF. An attacker exploits the vulnerability to cause heap corruption via specially crafted PDF files...

8.8CVSS8.3AI score0.00605EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.5 views

SUSE CVE-2009-0147

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2Stream::readSymbolDictSeg, 2 JBIG2Stream::readSymbolDictSeg, and 3...

4.3CVSS6.8AI score0.02577EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-2993

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the 1 Privileged Context and 2 Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and...

9.3CVSS7.5AI score0.06672EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3603

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party...

9.3CVSS8.4AI score0.08582EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3606

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow...

9.3CVSS8.4AI score0.08629EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.2 views

SUSE CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...

9.3CVSS8AI score0.81863EPSS
Exploits21References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.4 views

SUSE CVE-2013-0640

Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted PDF document, as exploited in the wild in February 2013...

7.8CVSS7.9AI score0.86979EPSS
Exploits4References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.3 views

SUSE CVE-2015-1282

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the 1 Document::delay and 2...

6.8CVSS9.6AI score0.0158EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.2 views

SUSE CVE-2016-1619

Multiple integer overflows in the 1 sycc422torgb and 2 sycc444torgb functions in fxcodec/codec/fxcodecjpxopj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted...

7.6CVSS9.4AI score0.01114EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5184

PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS9.3AI score0.0113EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:51 a.m.4 views

SUSE CVE-2017-5108

Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file...

8.8CVSS8.8AI score0.01476EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.5 views

SUSE CVE-2017-8787

The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted PDF file...

6.3CVSS9.8AI score0.01625EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.3 views

SUSE CVE-2017-14928

In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document...

3.3CVSS6.9AI score0.00674EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS8.1AI score0.02785EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:32 a.m.4 views

SUSE CVE-2018-5158

The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR 52.8 and Firefox 60...

8.8CVSS8AI score0.10576EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.3 views

SUSE CVE-2019-1786

A vulnerability in the Portable Document Format PDF scanning functionality of Clam AntiVirus ClamAV Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of proper...

5.3CVSS9.5AI score0.01491EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.3 views

SUSE CVE-2019-1787

A vulnerability in the Portable Document Format PDF scanning functionality of Clam AntiVirus ClamAV Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of proper da...

5.3CVSS9.5AI score0.01684EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.1 views

SUSE CVE-2020-16002

Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

8.8CVSS8.9AI score0.01635EPSS
Exploits1References8
Rows per page
Query Builder