OESA-2024-2357 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...

OESA-2024-2355 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...

CVE-2024-46980 Tuleap vulnerable to XSS in the HTML mail content of the cross reference field

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them ...

The vulnerability of the XRef::fetch function (XRef.cc) in the PDF viewing software Xpdf, which allows a hacker to cause a service failure.

The vulnerability of the XRef::fetch function in the Xpdf PDF viewing software is related to code errors. Exploiting this vulnerability could allow an attacker to cause a service failure through a specially created PDF file...

ALSA-2023:2863 Moderate: ctags security update

Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

Moderate: ctags security update

Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

SUSE CVE-2007-6445

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6117. Reason: This candidate is a duplicate of CVE-2007-6117. Notes: All CVE users should reference CVE-2007-6117 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

SUSE CVE-2017-15587

An integer overflow was discovered in pdfreadnewxrefsection in pdf/pdf-xref.c in Artifex MuPDF 1.11...

SUSE CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

SUSE CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

SUSE CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

UBUNTU-CVE-2022-41844

An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetchint, int, Object, int in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088...

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

Cross site scripting

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

CVE-2022-25641

Affected software : Foxit PDF Reader < 11.2.2, Foxit PDF Editor < 11.2.2, and PhantomPDF

Foxit PhantomPDF < 10.1.8 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 10.1.8. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash...

Foxit PDF Reader < 11.2.2 Multiple Vulnerabilities

According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 11.2.2. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash...

Foxit PDF Editor < 11.2.2 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 11.2.2. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a...

PT-2022-17428 · Foxit · Foxit Pdf Reader +2

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 11.2.2 PDF Editor versions prior to 11.2.2 PhantomPDF versions prior to 10.1.8 Description: The issue arises from the mishandling of cross-reference information during compressed-object parsing within signed...