134 matches found
SUSE CVE-2024-20505
A vulnerability in the PDF parsing module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a...
The vulnerability of the DOC-file processor in Hancom Office software allows a hacker to execute arbitrary code.
The vulnerability of Hancom Office’s DOC-file processing tool is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created DOC file...
The vulnerability of the Kofax PowerPDF Advanced software, which is used for creating, converting, editing, and publishing PDF files, relates to writing beyond the buffer limit. This allows an attacker to execute arbitrary code.
The vulnerability of the Kofax PowerPDF Advanced software for creating, converting, editing, and publishing PDF files is related to writing outside the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PDF file...
SUSE CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...
DEBIAN-CVE-2021-25786
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...
Security Vulnerabilities fixed in Thunderbird 115.0.1 — Mozilla
During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause, execute arbitrary code in the scope of the browser, or to gain access to sensitive data in the scope of the browser. This requires the malicious party to trick the...
The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) and the PDF file editing program Foxit PDF Editor (formerly Foxit PhantomPDF) lies in the use of dangerous methods or functions, allowing a perpetrator to execute arbitrary code.
The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader and the PDF file editing program Foxit PDF Editor formerly Foxit PhantomPDF is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow an attacker to execute arbitrar...
SUSE CVE-2014-0236
file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a zero rootstorage value in a CDF file, related to cdf.c and readcdf.c...
SUSE CVE-2018-0202
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format .pdf...
CVE-2022-47417
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
CVE-2022-47417
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
Cross site scripting
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
CVE-2022-47417 LogicalDOC Document File Name Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
CVE-2022-47417 LogicalDOC Document File Name Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
The vulnerability of the CJBig2Image::expand() function in Kindle electronic book readers allows a hacker to execute arbitrary code.
The vulnerability of the CJBig2Image::expand function in Kindle e-book readers is due to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created PDF file...
DEBIAN-CVE-2020-27792
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000printpage function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS in the Hints::Hints function, via a crafted PDF file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information through a specially crafted PDF file...
UBUNTU-CVE-2022-27811
GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename...