PT-2026-25872

🚨 CVE-2026-4308 A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle pdf document of the file python/helpers/document query.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has...

MiracleLinux 4 : poppler-0.12.4-12.AXS4 (AXSA:2017-2169:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2169:01 advisory. An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause...

CVE-2025-64231 WordPress WordPress Contact Form 7 PDF, Google Sheet & Database plugin <= 3.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files.This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through =...

EUVD-2010-3895

Malware in sbrugna...

EUVD-2018-16986

Malware in sbrugna...

EUVD-2015-4571

Malware in sbrugna...

USN-7675-1: poppler vulnerability

Kevin Backhouse discovered that poppler incorrectly handled documents with a large number of annotations. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could use this issue to cause poppler to consume resources, leading to a denial of...

CVE-2021-30870

A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. Previewing an html file attached to a note may unexpectedly contact remote servers...

CVE-2018-14865

Report engine in Odoo Community 9.0 through 11.0 and earlier and Odoo Enterprise 9.0 through 11.0 and earlier does not use secure options when passing documents to wkhtmltopdf, which allows remote attackers to read local files...

CVE-2025-43929

openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document e.g., a document opened in KDE ghostwriter...

USN-6200-2 imagemagick vulnerabilities

USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...

go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents

A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document...

Apple macOS Big Sur 跨站脚本漏洞

Apple macOS Big Sur is the 17th major release of Apple's macOS, the operating system used by Apple Inc. for the MAC. A security vulnerability exists in Apple macOS Big Sur version 11.7.9, which stems from handling documents that could lead to cross-site scripting attacks...

Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

USN-5330-1: LibreOffice vulnerability

It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations...

CVE-2021-33035

CVE-2021-33035 describes a buffer overflow in Apache OpenOffice when reading DBF files: the size of certain DBF fields isn’t checked, causing overflow of allocated space and potential arbitrary code execution via stack manipulation. Affected products: Apache OpenOffice up to and including 4.1.10....

Ubuntu: Security Advisory (USN-4469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

Adobe Reader and Acrobat Remote Code Execution Vulnerability (CNVD-2016-08979)

Adobe Reader and Acrobat are PDF file-related software: Adobe Reader is a free PDF file reader, Acrobat is a PDF file editing and conversion tools. A security vulnerability exists in Adobe Reader and Acrobat, which can be exploited by an attacker to execute arbitrary code in the context of the...

nuance pdf reader memory corruption vulnerability

nuance pdf reader is a PDF reading tool. The tool suffers from a memory corruption vulnerability in the handling of PDF files, which allows an attacker to crash the program by constructing malformed PDF files...