72 matches found
ONLYOFFICE Document Server File Extension Handling Vulnerability (CNVD-2021-17247)
ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...
Dockerhub Document Server 安全漏洞
ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...
CVE-2021-3204
SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read all files from the server...
Modesty pdfjson buffer error vulnerability
Modesty Pdf2json is Modesty individual developers of a Java-based PDF files can interact with Json files code library. A buffer error vulnerability exists in pdf2json 0.69, which stems from a buffer overflow that allows a local user to execute arbitrary code by converting a carefully crafted PDF...
Zhuhai Kingsoft Office Software Co., Ltd. Kingsoft PDF suffers from dll hijacking vulnerability
Kingsoft PDF is a powerful and easy-to-use PDF editor. Support one-click editing, quickly modify the content of PDF documents, and support PDF documents and docx/pptx/excel/txt/pictures and other document formats conversion. Ltd. Kingsoft PDF dll hijacking vulnerability, attackers can use the...
[SECURITY] Fedora 33 Update: pandoc-2.9.2.1-8.fc33
Pandoc is a Haskell library for converting from one markup format to anothe r, and a command-line tool that uses this library. It can read several dialect s of Markdown and subsets of HTML, reStructuredText, LaTeX, DocBook, JATS, MediaWiki markup, DokuWiki markup, TWiki markup, TikiWiki markup,...
[SECURITY] Fedora 31 Update: ghostscript-9.27-2.fc31
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
CVE-2019-5030
The CVE-2019-5030 issue affects Antenna House Rainbow PDF Office Server Document Converter (V7.0 Pro MR1, 7.0.2019.0220). The root cause is a bounds-check flaw in TxMasterStyleAtom::parse during DocumentTextInfoContainer parsing: cLevels is not reliably limited to 0x0005, allowing index to exceed...
CVE-2019-5030
A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 7,0,2019,0220. While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to...
Fedora Update for ghostscript FEDORA-2019-ebd6c4f15a
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: ghostscript-9.27-1.fc29
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
[SECURITY] Fedora 30 Update: ghostscript-9.27-1.fc30
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability
Summary A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 7,0,2019,0220. While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds...
Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-22408)
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the conversion of HTML files to PDF in Foxit Reader 9.2.0.9297 and earlier versions a...
Heap overflow
An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted PowerPoint PPT document can lead to heap corruption, resulting in remote code execution...
CVE-2018-3933
An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in remote cod...
CVE-2018-3929
An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted PowerPoint PPT document can lead to heap corruption, resulting in remote code execution...
CVE-2018-3929
The CVE-2018-3929 entry concerns Antenna House Office Server Document Converter on Linux64, version 6.1 Pro MR2. A vulnerability in the PowerPoint (.ppt) document conversion path can cause heap corruption, enabling remote code execution when processing a specially crafted PPT file. The issue is t...
Antenna House Office Server Document Converter putShapeProperty Code Execution Vulnerability
Summary An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in...
Security Bulletin: Weakness in generated service credentials affects multiple Watson Developer Cloud services (CVE-2016-0391)
Summary A weakness in generated service credentials that affects multiple Watson Developer Cloud offered through IBM Bluemix has been identified and fixed. Replacement of previously generated credentials is recommended. Vulnerability Details CVEID: CVE-2016-0391 DESCRIPTION: Multiple Watson...