18 matches found
CVE-2026-13129
When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...
CVE-2026-13129 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability
When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...
EUVD-2026-42182
When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...
CVE-2026-13129
When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. OpenEMR versions 8.0.0 and earlier have security...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
AZL-33328 CVE-2020-28163 affecting package libdwarf for versions less than 0.9.0
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
SUSE CVE-2007-1595
The Asterisk Extension Language AEL in pbx/pbxael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form...
SUSE CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service crash via a PDF file with an invalid Form Opt entry...
Insecure redirect when submit invalid form
Description When submit invalid form, the server will redirect to url which obtain via Referrer header. Proof of Concept POST /create-shelf HTTP/2 Host: book.dansmonorage.blue Cookie: csrftoken=ZpIuGbCcxOyhta5bki4N46N7vknEAcpaG3881kcMAfWKBEYKEiLEeSc3Sr4lUTVa; djangolanguage=en-us;...
DRUPAL-CONTRIB-2020-019
The reCaptcha v3 module enables you to protect your forms using the Google reCaptcha V3. If the reCaptcha v3 challenge succeeds, all the other form validations are bypassed. This makes it possible for attackers to submit invalid or incomplete forms. This vulnerability only affects forms that are...
DEBIAN-CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service crash via a PDF file with an invalid Form Opt entry...
CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service crash via a PDF file with an invalid Form Opt entry...
CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service crash via a PDF file with an invalid Form Opt entry...