Lucene search
K

490 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.2 views

SUSE CVE-2022-38222

There is a use-after-free issue in JBIG2Stream::close located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to for example the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact...

7.8CVSS8.1AI score0.00438EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.2 views

SUSE CVE-2022-38784

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

7.8CVSS8.1AI score0.00574EPSS
Exploits1References9
OSV
OSV
added 2023/02/07 1:15 a.m.4 views

DEBIAN-CVE-2023-24808

PDFio is a C library for reading and writing PDF files. In versions prior to 1.1.0 a denial of service DOS vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. The pdf which causes this crash found in testing is about 28...

6.5CVSS5.7AI score0.00719EPSS
Exploits1References1
OSV
OSV
added 2023/02/07 1:15 a.m.2 views

UBUNTU-CVE-2023-24808

PDFio is a C library for reading and writing PDF files. In versions prior to 1.1.0 a denial of service DOS vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. The pdf which causes this crash found in testing is about 28...

6.5CVSS6.4AI score0.00719EPSS
Exploits1References4
OSV
OSV
added 2023/01/26 6:59 p.m.4 views

CVE-2022-42400

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.2AI score0.00386EPSS
Exploits0References2
OSV
OSV
added 2023/01/13 1:15 a.m.7 views

CVE-2022-3161

The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process...

7.8CVSS5.9AI score0.00413EPSS
Exploits0References3
OSV
OSV
added 2022/11/21 4:15 p.m.3 views

CVE-2022-32774

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely deleting objects associated with pages, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

7.8CVSS5.8AI score0.0098EPSS
Exploits1References1
OSV
OSV
added 2022/11/21 4:15 p.m.4 views

CVE-2022-37332

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to...

7.8CVSS5.8AI score0.0135EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/21 4:5 p.m.7 views

CVE-2022-37332

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to...

8.8CVSS7.7AI score0.0135EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.4 views

XPDF 缓冲区错误漏洞

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF v4.04 version of a security vulnerability , the vulnerability stems from the attacker can be achieved through its xpdf/Stream.cc component of the...

5.5CVSS6.6AI score0.00252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.5 views

PT-2022-23931 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 12.0.1.12430 Description: A use-after-free issue exists in the JavaScript engine, allowing arbitrary code execution through the misuse of the media player API. This can be triggered by opening a...

8.8CVSS8.3AI score0.0135EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2022/11/02 6:10 p.m.4 views

@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-39381 via hummus (>=1.0.104 <=1.0.110)

hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-39381 Source advisory: OSV:GHSA-RCRX-FPJP-MFRW...

7.5CVSS6.6AI score0.00645EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/11/01 12:0 p.m.4 views

@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-25892 via hummus (>=1.0.104 <=1.0.110)

hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-25892 Source advisory: OSV:GHSA-9CV5-4WQV-9W94...

7.5CVSS7.1AI score0.01022EPSS
Exploits0
OSV
OSV
added 2022/10/31 9:15 p.m.5 views

CVE-2022-39018

Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...

7.5CVSS5.8AI score0.00384EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/31 12:0 a.m.4 views

M-Files Hubshare 授权问题漏洞

M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in versions of M-Files Hubshare prior to 3.3.11.3, which stems from imperfect access control of its PDFtron data allowing an...

8.2CVSS7.3AI score0.00384EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 10:15 p.m.10 views

CVE-2022-41387

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

9.8CVSS9.6AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/10/11 10:15 p.m.5 views

d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)

d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...

9.8CVSS7.2AI score0.01168EPSS
Exploits1
PyPA
PyPA
added 2022/10/11 10:15 p.m.5 views

PYSEC-2022-43050

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

9.8CVSS7AI score0.01168EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2022/10/11 10:15 p.m.7 views

d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +5 more potentially affected by CVE-2022-42036 via d8s-urls (>=0.4.0 <=0.6.0)

d8s-urls PYPI version =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42036 Source advisory: OSV:PYSEC-2022-43030...

9.8CVSS7.2AI score0.01168EPSS
Exploits1
Prion
Prion
added 2022/10/11 10:15 p.m.14 views

Code injection

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

7.5CVSS9.4AI score0.01168EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder