CVE-2026-7233

A flaw was found in Artifex MuPDF, specifically within its CFF Index Handler component. A local user could exploit an out-of-bounds read vulnerability in the fzsubsetcffforgids function. This could allow an attacker to read sensitive information from memory, potentially leading to information...

CVE-2023-45673

Joplin is a free, open source note taking and to-do application. A remote code execution RCE vulnerability in affected versions allows clicking on a link in a PDF in an untrusted note to execute arbitrary shell commands. Clicking links in PDFs allows for arbitrary code execution because Joplin...

CVE-2023-45673 Arbitrary code execution on click of PDF links in Joplin

Joplin is a free, open source note taking and to-do application. A remote code execution RCE vulnerability in affected versions allows clicking on a link in a PDF in an untrusted note to execute arbitrary shell commands. Clicking links in PDFs allows for arbitrary code execution because Joplin...

PT-2023-7346 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions 12.1.2.15356 Description: The issue is related to a type confusion vulnerability in the way Foxit Reader handles field value properties. This can be triggered by a specially crafted Javascript code inside a malicious...

CVE-2022-41180

Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

PT-2018-3976 · Xpdf +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.00 Description: The issue is related to errors in the code of the Xpdf software, specifically in the XRef::fetch function in XRef.cc. It allows remote attackers to cause a denial of service, which is a stack consumption, via a...