Lucene search
K

386 matches found

Prion
Prion
added 2024/01/12 9:15 p.m.21 views

Command injection

Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CB...

6.8CVSS7.3AI score0.0234EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2024/01/12 8:27 p.m.24 views

CVE-2023-51698 Atril's CBT comic book parsing vulnerable to Remote Code Execution

Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CB...

9.6CVSS8.1AI score0.0234EPSS
Exploits2References6
CVE
CVE
added 2024/01/12 8:27 p.m.70 views

CVE-2023-51698

Atril (the Atril document viewer) is vulnerable to a critical Command Injection vulnerability (CVE-2023-51698). A crafted CBT document packaged as a TAR archive can allow an attacker to execute arbitrary commands when opened or when a user clicks a crafted link, potentially giving immediate acces...

9.6CVSS9.1AI score0.0234EPSS
Exploits2References4Affected Software1
Debian CVE
Debian CVE
added 2024/01/12 8:27 p.m.23 views

CVE-2023-51698

Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CB...

9.6CVSS7.8AI score0.0234EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.4 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to memory usage after it is freed, allow attackers to access confidential information.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to the use of memory after it is released. Exploiting these vulnerabilities can allow attackers to access confidential information...

3.3CVSS5.6AI score0.02139EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.5 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to reading data beyond the buffer in memory, allow attackers to gain access to confidential information.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to access confidential information...

3.3CVSS5.8AI score0.02035EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.13 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020, and Adobe Acrobat 2017 involve reading data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to reading data beyond the buffer in memory. Exploiting...

5.5CVSS6.7AI score0.00261EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/27 12:0 a.m.5 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, and Adobe Acrobat Reader 2015 are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, and Adobe Acrobat Reader 2015 is related to the use of memory after it is freed. Exploiting this...

7.8CVSS7.6AI score0.0032EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/09/28 12:0 a.m.7 views

The vulnerability of the U3D File Parser component in the PDF-XChange PDF document viewing and editing software allows a hacker to execute arbitrary code.

The vulnerability of the U3D File Parser component in the PDF-XChange PDF viewing and editing software is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00406EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/31 12:0 a.m.6 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve memory management issues after memory is freed, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execut...

7.8CVSS7.6AI score0.02465EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/31 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve memory-walking attacks, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to memory-walking attacks. Exploiting these vulnerabilities can allow attackers to execute arbitrary cod...

7.8CVSS6.6AI score0.02346EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.7 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 are related to insufficient validation of input data. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to insufficient validation of input data. Exploiting these vulnerabilities can allow a malicious actor t...

7.5CVSS6.4AI score0.00326EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/10 12:0 a.m.4 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has a post-release reuse vulnerability that can be exploited by an attacker to cause a sensitive memory leak...

5.5CVSS6.6AI score0.02597EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/10 12:0 a.m.5 views

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...

5.5CVSS6.6AI score0.0213EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.4 views

WordPress Document Viewer for Office Plugin < 2.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Document Viewer for Office Type Plugin Vulnerable versions 2.2.7 Fixed in 2.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d9616ec54053 Credits Rafie Muhammad Patchsta...

6.5AI score0.00284EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/05/11 12:0 a.m.29 views

Xpdf 安全漏洞

Glyph & Cog Xpdf is an open source PDF file viewer from Glyph & Cog. A security vulnerability exists in Xpdf 4.04 and earlier versions, which stems from a loop of PDF objects embedded in the file tree that can lead to infinite recursion and a stack overflow...

5.5CVSS6.4AI score0.00305EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.6 views

编号撤回

Glyph & Cog Xpdf is an open source PDF archive viewer from Glyph & Cog. This CVE number has been withdrawn...

5.3AI score
Exploits0References2
NVD
NVD
added 2023/04/19 12:15 a.m.42 views

CVE-2023-29517

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The office document viewer macro was allowing anyone to see any file content from the hosting server, provided that the office server was connected and depending on the permissions of the user...

7.5CVSS7.5AI score0.0101EPSS
Exploits1References4
Prion
Prion
added 2023/04/19 12:15 a.m.21 views

Design/Logic Flaw

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The office document viewer macro was allowing anyone to see any file content from the hosting server, provided that the office server was connected and depending on the permissions of the user...

5CVSS7.5AI score0.0101EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/18 11:54 p.m.9 views

CVE-2023-29517 Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The office document viewer macro was allowing anyone to see any file content from the hosting server, provided that the office server was connected and depending on the permissions of the user...

7.5CVSS7.5AI score0.0101EPSS
Exploits1References4
Rows per page
Query Builder