CVE-2026-41168

A flaw was found in pypdf. An attacker can craft a malicious PDF file containing oversized cross-reference streams or object streams. Processing such a file can lead to excessively long runtimes, resulting in a Denial of Service DoS for applications using the pypdf library. Mitigation Mitigation...

Linux Distros Unpatched Vulnerability : CVE-2026-31826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory...

EUVD-2018-13035

Malware in sbrugna...

EUVD-2015-1423

Malware in sbrugna...

EUVD-2020-2680

Malware in sbrugna...

EUVD-2016-0313

Malware in sbrugna...

CPDF 安全漏洞

CPDF is a PDF command line tool from the individual developer John Whitington. A security vulnerability exists in CPDF 2.8 and earlier versions, which stems from allowing the use of a stack through a carefully crafted PDF document...

SUSE CVE-2017-7382

The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

SUSE CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

CVE-2021-21057

Acrobat Reader DC versions versions 2020.013.20074 and earlier, 2020.001.30018 and earlier and 2017.011.30188 and earlier are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve...

Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04107)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

Google Chrome PDFium has an unspecified vulnerability

Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. A security vulnerability exists in PDFium in versions of Google Chrome prior to 71.0.3578.80. A remote attacker can exploit the vulnerability with the help of...

Foxit Reader and Foxit PhantomPDF JavaScript Engine Memory Misreference Vulnerability (CNVD-2018-20717)

Foxit Reader is China Foxit Foxit software company a PDF document reader.Foxit PhantomPDF is a commercial version.JavaScript engine is one of the JavaScript scripting engine. A memory misreference vulnerability exists in the JavaScript engine in Foxit Reader 9.2.0.9297 and earlier versions and...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-14316

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0 function in SplashOutputDev.cc via a crafted PDF document. Remediation There is no fixed version for poppler. References -...

Foxit PhantomPDF Arbitrary Code Execution Vulnerability

Foxit PhantomPDF is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-7947

OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c...