Lucene search
K

491 matches found

OSV
OSV
added 2016/12/18 3:59 a.m.1 views

CVE-2016-5184

PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS7.3AI score0.0113EPSS
Exploits0References5
OSV
OSV
added 2016/12/18 3:59 a.m.2 views

UBUNTU-CVE-2016-5183

A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS7.3AI score0.01161EPSS
Exploits0References2
OSV
OSV
added 2016/12/18 3:59 a.m.1 views

UBUNTU-CVE-2016-5184

PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS7.3AI score0.0113EPSS
Exploits0References2
OSV
OSV
added 2016/12/18 3:59 a.m.3 views

CVE-2016-5183

A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS7.3AI score
Exploits0References6
The Hacker News
The Hacker News
added 2016/12/12 12:9 a.m.19 views

Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!

If you came across a celebrity sex video on Facebook featuring Jessica Alba or any other celebrity, just avoid clicking it. Another Facebook scam is circulating across the social networking website that attempts to trick Facebook users into clicking on a link for a celebrity sex tape that instead...

6.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/12/07 7:8 p.m.5 views

chromium-browser: out of bounds write in pdfium

Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

8.8CVSS7.6AI score0.01517EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/12/07 7:8 p.m.5 views

chromium-browser: use after free in pdfium

A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...

6.8CVSS7.4AI score0.00784EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/10/17 8:42 a.m.5 views

chromium-browser: use after free in pdfium

A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS7.4AI score0.01161EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/10/17 8:42 a.m.33 views

chromium-browser: use after free in pdfium

PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...

8.8CVSS7.4AI score0.0113EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/06/23 12:0 a.m.32 views

openSUSE Security Update : ImageMagick (openSUSE-2016-757)

This update for ImageMagick fixes the following issues : This security issue was fixed : - CVE-2016-5118: Prevent code execution via popen bsc982178 This non-security issue was fixed : - Fix encoding of /Title in generated PDFs. bsc867943 This update was imported from the SUSE:SLE-12:Update updat...

10CVSS7.7AI score0.49982EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2016/06/15 12:0 a.m.37 views

SUSE: Security Advisory for ImageMagick (SUSE-SU-2016:1570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.2AI score0.49982EPSS
Exploits1References1
OSV
OSV
added 2016/06/01 8:59 p.m.1 views

DEBIAN-CVE-2016-2175

Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...

7.8CVSS7.5AI score0.04797EPSS
Exploits0References1
OSV
OSV
added 2016/06/01 8:59 p.m.3 views

UBUNTU-CVE-2016-2175

Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...

7.8CVSS7.1AI score0.04797EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/03/23 12:0 a.m.3 views

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows PDF library exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted PDF document...

9.3CVSS7.7AI score0.72934EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2016/03/08 12:0 a.m.20 views

Adobe Reader Out-Of-Bounds Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.9AI score0.06103EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/16 12:0 a.m.3 views

Adobe Reader and Acrobat Memory Misreference Vulnerability (CNVD-2016-00270)

Adobe Reader is a PDF document reading software. Acrobat is a PDF document editing software. Adobe Reader and Acrobat processing PDF documents exist after the use of the use of vulnerabilities, allowing remote attackers to exploit the vulnerability to build malicious PDF files, inducing the user ...

8.8CVSS9.6AI score0.06772EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/16 12:0 a.m.3 views

Adobe Reader and Acrobat Memory Misreference Vulnerability (CNVD-2016-00269)

Adobe Reader is a PDF document reading software. Acrobat is a PDF document editing software. Adobe Reader and Acrobat processing PDF documents exist after the use of the use of vulnerabilities, allowing remote attackers to exploit the vulnerability to build malicious PDF files, inducing the user ...

10CVSS9.6AI score0.05493EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/13 12:0 a.m.3 views

Adobe Reader DC Global Javascript API Restriction Bypass Vulnerability

Adobe Reader is PDF document reading software. A security vulnerability exists in Adobe Reader's handling of constructed Global objects. By creating PDF documents with specific JS instructions, an attacker can exploit this vulnerability to execute arbitrary code in the context of the current...

8.8CVSS9.6AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/01/12 12:0 a.m.31 views

Adobe Reader Graphics State Parameter Dictionary Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS9.1AI score0.06988EPSS
Exploits0References1
OSV
OSV
added 2015/10/15 10:59 a.m.1 views

UBUNTU-CVE-2015-6758

The CPDFDocument::GetPage function in fpdfapi/fpdfparser/fpdfparserdocument.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...

6.8CVSS7.4AI score0.01433EPSS
Exploits0References5
Rows per page
Query Builder