Lucene search
K

16 matches found

RedHat Linux
RedHat Linux
added 2 days ago5 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

AlmaLinux 8 : evince (ALSA-2026:28998)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28998 advisory. atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen CVE-2026-46529 Tenable has extracted the preceding...

8.4CVSS5.9AI score0.00529EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 12:0 a.m.4 views

ALSA-2026:28998 Important: evince security update

The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files, and, with additional back-ends, also the Device Independent File format DVI files. Security Fixes: atril: evince: xreader: PDF /GoToR action argv...

8.4CVSS5.9AI score0.00529EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

RHEL 9 : evince (RHSA-2026:27819)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27819 advisory. The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files,...

8.4CVSS6AI score0.00529EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-13755

Malware in sbrugna...

5.3CVSS5.6AI score0.00817EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-13758

Malware in sbrugna...

9.8CVSS9.2AI score0.02232EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 a.m.9 views

CVE-2018-21237

An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action...

5.3CVSS6.9AI score0.00817EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 a.m.10 views

CVE-2018-21239

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...

5.3CVSS6.9AI score0.00817EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 a.m.8 views

CVE-2018-21242

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action...

9.8CVSS7.6AI score0.02232EPSS
Exploits0References1
OSV
OSV
added 2020/06/04 5:15 p.m.3 views

CVE-2018-21237

An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action...

5.3CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2020/06/04 5:15 p.m.4 views

CVE-2018-21239

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...

5.3CVSS5.8AI score0.00817EPSS
Exploits0References1
Prion
Prion
added 2020/06/04 5:15 p.m.26 views

Remote code execution

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action...

7.5CVSS9.5AI score0.02232EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2020/06/04 4:31 p.m.22 views

CVE-2018-21239

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...

5.3CVSS7.3AI score0.00817EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2016/10/05 12:0 a.m.2 views

Foxit Reader GoToR Action Stack Buffer Overflow

A stack buffer overflow vulnerability has been reported in Foxit Reader. The vulnerability is due improper handling of the GoToR action. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted pdf file. Successful exploitation could allow...

3.6AI score
Exploits0
ThreatPost
ThreatPost
added 2016/06/30 1:52 p.m.9 views

Foxit Patches 12 Vulnerabilities, 8 That Could Lead to RCE

Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations of the product. The company released version 8.0 of its Foxit Reader and Foxit PhantomPDF on Monday, addressin...

0.6AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2016/06/29 12:0 a.m.14 views

Foxit Reader GoToR action Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS7.1AI score
Exploits0References1
Rows per page
Query Builder