Lucene search
K

134 matches found

SUSE CVE
SUSE CVE
added 2024/09/06 3:15 a.m.2 views

SUSE CVE-2024-20505

A vulnerability in the PDF parsing module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a...

7.5CVSS6.8AI score0.00555EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.6 views

The vulnerability of the DOC-file processor in Hancom Office software allows a hacker to execute arbitrary code.

The vulnerability of Hancom Office’s DOC-file processing tool is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created DOC file...

7CVSS7.5AI score0.00722EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.8 views

The vulnerability of the Kofax PowerPDF Advanced software, which is used for creating, converting, editing, and publishing PDF files, relates to writing beyond the buffer limit. This allows an attacker to execute arbitrary code.

The vulnerability of the Kofax PowerPDF Advanced software for creating, converting, editing, and publishing PDF files is related to writing outside the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PDF file...

7.8CVSS7.6AI score0.00345EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2023/08/26 8:9 a.m.4 views

SUSE CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

5.5CVSS9.2AI score0.00921EPSS
Exploits1References9
OSV
OSV
added 2023/08/11 2:15 p.m.1 views

DEBIAN-CVE-2021-25786

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...

5.3CVSS5.4AI score0.00503EPSS
Exploits1References1
Mozilla
Mozilla
added 2023/07/20 12:0 a.m.55 views

Security Vulnerabilities fixed in Thunderbird 115.0.1 — Mozilla

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in...

8.8CVSS8.5AI score0.00556EPSS
Exploits0References2Affected Software1
NCSC
NCSC
added 2023/06/01 12:0 a.m.5 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause, execute arbitrary code in the scope of the browser, or to gain access to sensitive data in the scope of the browser. This requires the malicious party to trick the...

8.8CVSS7.8AI score0.23855EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.7 views

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) and the PDF file editing program Foxit PDF Editor (formerly Foxit PhantomPDF) lies in the use of dangerous methods or functions, allowing a perpetrator to execute arbitrary code.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader and the PDF file editing program Foxit PDF Editor formerly Foxit PhantomPDF is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow an attacker to execute arbitrar...

7.8CVSS7.6AI score0.00538EPSS
Exploits0References5Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.4 views

SUSE CVE-2014-0236

file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a zero rootstorage value in a CDF file, related to cdf.c and readcdf.c...

7.5CVSS8AI score0.02543EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.3 views

SUSE CVE-2018-0202

clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format .pdf...

5.6CVSS9.1AI score0.02672EPSS
Exploits0References6
NVD
NVD
added 2023/02/07 10:15 p.m.14 views

CVE-2022-47417

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

5.4CVSS5.3AI score0.00497EPSS
Exploits1References1
OSV
OSV
added 2023/02/07 10:15 p.m.2 views

CVE-2022-47417

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

5.4CVSS5.7AI score0.00582EPSS
Exploits2References1
Prion
Prion
added 2023/02/07 10:15 p.m.13 views

Cross site scripting

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

4.9CVSS5.3AI score0.00582EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/07 9:59 p.m.7 views

CVE-2022-47417 LogicalDOC Document File Name Stored XSS

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

5.9AI score0.00497EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/02/07 9:59 p.m.30 views

CVE-2022-47417 LogicalDOC Document File Name Stored XSS

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

5.5AI score0.00497EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.8 views

The vulnerability of the CJBig2Image::expand() function in Kindle electronic book readers allows a hacker to execute arbitrary code.

The vulnerability of the CJBig2Image::expand function in Kindle e-book readers is due to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created PDF file...

8.6CVSS8.3AI score0.07045EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/08/19 11:15 p.m.1 views

DEBIAN-CVE-2020-27792

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000printpage function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service...

7.1CVSS7.4AI score0.00437EPSS
Exploits0References1
Snyk
Snyk
added 2022/05/06 12:5 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS in the Hints::Hints function, via a crafted PDF file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

7.5CVSS7.8AI score0.01547EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/04/25 12:0 a.m.7 views

The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information through a specially crafted PDF file...

5.5CVSS6.1AI score0.01905EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2022/03/24 3:15 a.m.5 views

UBUNTU-CVE-2022-27811

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename...

9.8CVSS5.8AI score0.03033EPSS
Exploits1References4
Rows per page
Query Builder