Lucene search
K

134 matches found

Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.12 views

PT-2026-27783

Name of the Vulnerable Software and Affected Versions pdf-image versions through 2.0.0 Description The pdf-image npm package versions through 2.0.0 allows for OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions utilize...

9.8CVSS6AI score0.02493EPSS
Exploits4References11
Cvelist
Cvelist
added 2026/03/17 4:2 a.m.39 views

CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery

A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5CVSS0.00201EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-1589

Malware in sbrugna...

4.3CVSS9.2AI score0.04117EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54624

Malicious code in bioql PyPI...

8.4CVSS6.3AI score0.00252EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50180

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00582EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-2820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF fil...

8.8CVSS7.5AI score0.04415EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-5057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform ...

8.8CVSS8.1AI score0.01688EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-5295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could...

5.5CVSS6.8AI score0.01001EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/06/02 3:0 p.m.16 views

CVE-2024-52035

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

8.4CVSS0.00252EPSS
Exploits1References1
OSV
OSV
added 2025/04/08 4:15 p.m.3 views

CVE-2025-3287

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

7.8CVSS6.7AI score0.00298EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.4 views

PT-2025-15455 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to a threat actor being able to read outside of the allocated memory buffer, resulting from improper validation of user-supplied...

8.5CVSS6.8AI score0.00293EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 5:54 p.m.17 views

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

9.8CVSS7.7AI score0.03282EPSS
Exploits0References1
Snyk
Snyk
added 2025/01/28 7:12 p.m.1 views

Cross-site Scripting (XSS)

Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to Cross-site Scripting XSS when uploading a PDF. An admin user can upload a PDF containing malicious scripts that will be executed in another user's session...

8.1CVSS5.4AI score0.01039EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.8 views

PT-2024-16792 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A code execution vulnerability exists in Rockwell Automation Arena that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If...

8.5CVSS7.5AI score0.00242EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.7 views

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created PDF file...

7.8CVSS7.6AI score0.00793EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/12 12:0 a.m.7 views

The vulnerability of the PDF editing program Foxit PDF Editor (formerly Foxit PhantomPDF) relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Foxit PDF Editor formerly Foxit PhantomPDF PDF editing program is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PDF file...

7.8CVSS8AI score0.00764EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/11 12:0 a.m.6 views

The vulnerability of the PDF editing program Foxit PDF Editor (formerly Foxit PhantomPDF) relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Foxit PDF Editor formerly Foxit PhantomPDF PDF editing program is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PDF file...

7.8CVSS8AI score0.00764EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/11 12:0 a.m.6 views

The vulnerability of the PDF editing program Foxit PDF Editor (formerly Foxit PhantomPDF) lies in its use of memory after it is freed, allowing a hacker to execute arbitrary code.

The vulnerability of the Foxit PDF Editor formerly Foxit PhantomPDF PDF editing software is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created PDF file...

7.8CVSS7.6AI score0.00914EPSS
Exploits0References4Affected Software2
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.6 views

PT-2024-38742 · Autodesk · Autodesk Revit

Name of the Vulnerable Software and Affected Versions: Autodesk Revit affected versions not specified Description: A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write issue. This can be leveraged by a malicious actor to cause a crash, data...

7.8CVSS7.7AI score0.00196EPSS
Exploits0References5
OSV
OSV
added 2024/10/10 12:6 p.m.4 views

USN-7062-1 libgsf vulnerabilities

It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...

8.4CVSS6AI score0.00458EPSS
Exploits0References3
Rows per page
Query Builder