CVE-2025-69627

Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...

CVE-2026-25755 jsPDF has PDF Object Injection via Unsanitized Input in addJS Method

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the argument of the addJS method allows an attacker to inject arbitrary PDF objects into the generated document. By crafting a payload that escapes the JavaScript string delimiter, an attacker can execute malicious...

EUVD-2019-4823

Malware in sbrugna...

EUVD-2022-3162

Malicious code in bioql PyPI...

EUVD-2023-36907

Malicious code in bioql PyPI...

Same-Origin Policy Bypass

firefox is vulnerable to same-origin-policy bypass. A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site...

Format string

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

Foxit Reader Format String Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

Google Chrome < 63.0.3239.84 Multiple Vulnerabilities

Binary data 700351.pasl...

CVE-2017-9802

The Javascript method Sling.evalString in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings...

Firefox crypto.generateCRMFRequest command execution

Added: 08/21/2014 CVE: CVE-2013-1710 BID: 61900 OSVDB: 96019 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A vulnerability in the implementation of the crypto.generateCRMFRequest javascript method allows command execution...

Adobe Acrobat Reader customDictionaryOpen Memory Corruption - Ver2 (CVE-2009-1493)

A memory corruption vulnerability has been reported in Adobe Reader. The vulnerability is due to insufficient input validation in the implementation of the customDictionaryOpen JavaScript method. A remote attacker could exploit this vulnerability by enticing the target user to open a malicious PD...

VulnCheck KEV: CVE-2008-2992

Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution...

Adobe Acrobat < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities

The version of Adobe Acrobat installed on the remote host is earlier than 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by multiple vulnerabilities : - An integer buffer overflow can be triggered when processing a malformed JBIG2 image stream with the '/JBIG2Decode' filter...

Ubuntu Update for firefox vulnerabilities USN-468-1

Ubuntu Update for Linux kernel vulnerabilities USN-468-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4681.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-468-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Adobe Reader < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities

The version of Adobe Reader installed on the remote host is earlier than 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by multiple vulnerabilities : - An integer buffer overflow can be triggered when processing a malformed JBIG2 image stream with the '/JBIG2Decode' filter...

Reader: arbitrary code execution via unspecified JavaScript method

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."...

Input validation

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."...

Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (APSB08-15) - Windows

Adobe Reader/Acrobat is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

acroread: input validation issue in a JavaScript method

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."...