CVE-2026-8811

SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations...

EUVD-2026-37866

SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations...

CVE-2026-8811

CVE-2026-8811 affects SEPPmail versions before 15.0.5, in the PDF generation module. Improper handling of attachment filenames during encrypted PDF creation allows path traversal, enabling an attacker to create files outside the intended directory and potentially place them in web‑accessible loca...

EUVD-2011-3080

Malware in sbrugna...

SUSE CVE-2024-23449

An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...

CVE-2023-43900

Insecure Direct Object References IDOR in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters...

CVE-2023-43900

Insecure Direct Object References IDOR in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters...

EMSigner Security Vulnerability

EMSigner is an electronic signature solution from EMSigner India. A security vulnerability exists in EMSigner version v2.8.7, which stems from a vulnerability that allows an attacker to gain unauthorized access to application content and view sensitive data of other users by manipulating the...

编号撤回

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. This CVE number has been withdrawn...

Ubuntu: Security Advisory (USN-5694-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5694-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled links using the Office URI Schemes. If a user were tricked into opening a specially crafted document, a remote attacker could use this issue to execute arbitrary scripts. CVE-2022-3140 Thomas Florian discovered that LibreOffice incorrectly...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : LibreOffice vulnerabilities (USN-5694-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5694-1 advisory. It was discovered that LibreOffice incorrectly handled links using the Office URI Schemes. If a user were tricked into opening a...

XPDF 缓冲区错误漏洞

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF commit id ffaf11c has a security vulnerability that originates from DCTStream::lookChar in /xpdf/Stream.cc contains a heap buffer overflow...

Mageia: Security Advisory (MGASA-2020-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated libreoffice packages fix security vulnerability

This update increase Libreoffice to version 6.4.4.2 It fixes Security issues and add kf5 support. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If...

CVE-2020-12801

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice'...

UBUNTU-CVE-2020-12801

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice'...

CVE-2020-12801

CVE-2020-12801 affects LibreOffice 6.3.x prior to 6.3.6 and 6.4.x prior to 6.4.3. If an encrypted document crashes and is recovered, subsequent saves may default to unencrypted even when the document was encrypted, if the recovered file format is not the default ODF format. Public details in conn...

CVE-2011-3112

Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document...

CVE-2011-3112

Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document...