134 matches found
PT-2026-27783
Name of the Vulnerable Software and Affected Versions pdf-image versions through 2.0.0 Description The pdf-image npm package versions through 2.0.0 allows for OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions utilize...
CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery
A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...
EUVD-2012-1589
Malware in sbrugna...
EUVD-2024-54624
Malicious code in bioql PyPI...
EUVD-2022-50180
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-2820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF fil...
Linux Distros Unpatched Vulnerability : CVE-2017-5057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform ...
Linux Distros Unpatched Vulnerability : CVE-2018-5295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could...
CVE-2024-52035
An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-3287
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
PT-2025-15455 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to a threat actor being able to read outside of the allocated memory buffer, resulting from improper validation of user-supplied...
CVE-2019-5041
An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...
Cross-site Scripting (XSS)
Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to Cross-site Scripting XSS when uploading a PDF. An admin user can upload a PDF containing malicious scripts that will be executed in another user's session...
PT-2024-16792 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A code execution vulnerability exists in Rockwell Automation Arena that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If...
The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created PDF file...
The vulnerability of the PDF editing program Foxit PDF Editor (formerly Foxit PhantomPDF) relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Foxit PDF Editor formerly Foxit PhantomPDF PDF editing program is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PDF file...
The vulnerability of the PDF editing program Foxit PDF Editor (formerly Foxit PhantomPDF) relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Foxit PDF Editor formerly Foxit PhantomPDF PDF editing program is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PDF file...
The vulnerability of the PDF editing program Foxit PDF Editor (formerly Foxit PhantomPDF) lies in its use of memory after it is freed, allowing a hacker to execute arbitrary code.
The vulnerability of the Foxit PDF Editor formerly Foxit PhantomPDF PDF editing software is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created PDF file...
PT-2024-38742 · Autodesk · Autodesk Revit
Name of the Vulnerable Software and Affected Versions: Autodesk Revit affected versions not specified Description: A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write issue. This can be leveraged by a malicious actor to cause a crash, data...
USN-7062-1 libgsf vulnerabilities
It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...