Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/24 10:29 p.m.4 views

CVE-2025-14419

pdfforge PDF Architect PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of pdfforge PDF Architect. User interaction is required to exploit this vulnerability in that the target mu...

7.8CVSS7.9AI score0.00155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:3 p.m.9 views

CVE-2020-28587

A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to...

8.8CVSS6.8AI score0.00949EPSS
Exploits1
Amazon
Amazon
added 2024/10/02 12:0 a.m.5 views

Medium: clamav

Issue Overview: A vulnerability in the PDF parsing module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacke...

7.5CVSS6.7AI score0.00555EPSS
Exploits0
OSV
OSV
added 2024/05/03 2:15 a.m.4 views

CVE-2023-38086

Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

5.5CVSS4.9AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2023/11/21 7:15 p.m.3 views

CVE-2021-38405

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process...

7.8CVSS5.9AI score0.0127EPSS
Exploits0References2
Snyk
Snyk
added 2021/03/10 3:34 p.m.3 views

XML External Entity (XXE) Injection

Overview xmldom is an A pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. Affected versions of this package are vulnerable to XML External Entity XXE Injection. Does not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and...

5.4CVSS8.9AI score0.01328EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2015/02/20 12:0 a.m.37 views

Pentaho < 4.5.0 - User Console XML Injection

======================================================================== title: Pentaho User Console XML Injection Vulnerability program: Pentaho BI User Console vulnerable version: Pentaho was injected into the XML of the client's POST request. This tag defines an external entity, xxe8295c, whic...

7.4AI score
Exploits0
Rows per page
Query Builder