Pillow 安全漏洞

Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 4.2.0 to 12.2.0 contained security vulnerabilities. These vulnerabilities were due to malicious PDFs, which could cause processes to hang indefinitely, consume 100% of the CPU resources, and render the...

pypdf 安全漏洞

pypdf is an open-source, free Python library for handling PDF files. It allows for splitting, merging, cropping, and converting pages within PDF files. Versions of pypdf prior to 6.9.1 contained security vulnerabilities, which stemmed from defects in processing malicious PDFs. These vulnerabiliti...

Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT

Introduction Stan Ghouls also known as Bloody Wolf is an cybercriminal group that has been launching targeted attacks against organizations in Russia, Kyrgyzstan, Kazakhstan, and Uzbekistan since at least 2023. These attackers primarily have their sights set on the manufacturing, finance, and IT...

Foxit PDF Reader PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

Remote Code Execution (RCE)

pdfminer.six is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe deserialization in the CMapDB.loaddata function, where pickle.loads processes attacker-controlled pickle.gz files referenced by a malicious PDF, allowing arbitrary code execution when the file is...

Linux Distros Unpatched Vulnerability : CVE-2025-64512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107,...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the pdfjs-1.4.20 component under public/plugins/. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting malicious scripts into PDF files rendered by the...

CVE-2025-2091

An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs...

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network CDN to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing P...

CVE-2024-34342

react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true which is the default value, unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in...

WhatsApp says Paragon is spying on specific users

WhatsApp has accused the professional spyware company Paragon of spying on a select group of users. WhatsApp, the Meta-owned, end-to-end encrypted messaging platform, said it has reliable information that nearly 100 journalists and other “members of civil society” were targets of a spyware campai...

Foxit Reader Resource Management Error Vulnerability (CNVD-2023-61388)

Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A security vulnerability exists in Foxit Reader version 12.1.2.15332, which can be exploited by an attacker to cause memory corruption and arbitrary code execution, due to a specially crafted Javascript code in a malicious PDF...

New Wave of QBot Attacks Detected via Malicious PDF Attachments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new wave of QBot banking Trojan attacks was identified in April 2023, utilizing malicious PDF attachments in emails written in various languages. To receive real-time threat advisories, please follow...

CVE-2022-22633

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution...

Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new campaign targeting Turkish private organizations alongside governmental institutions. Talos attributes this campaign with high confidence to MuddyWater — an APT group recently attributed to Iran's Ministry of Intelligence and...

Researchers Uncover New Iranian Hacking Campaign Targeting Turkish Users

Details have emerged about a previously undocumented malware campaign undertaken by the Iranian MuddyWater advanced persistent threat APT group targeting Turkish private organizations and governmental institutions. "This campaign utilizes malicious PDFs, XLS files and Windows executables to deplo...

Malicious PDFs Flood the Web, Lead to Password-Snarfing

The pushers behind the SolarMarker backdoor malware are flooding the web with PDFs stuffed with keywords and links that redirect to the password-stealing, credential-snarfing malware. Microsoft Security Intelligence said in a Tweet on Friday that the SolarMarker also known as Jupyter makers are...

YIKES! Hackers flood the web with 100,000 pages offering malicious PDFs

Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into visiting seemingly legitimate Google sites that install a Remote Access Trojan RAT capable of carrying out a wide range of attacks. The attack works by leveraging searches for business forms suc...

OPENSUSE-SU-2020:0670-1 Security update for nextcloud

This update for nextcloud to 18.0.4 fixes the following issues: Security issues fixed: - CVE-2020-8154: Fixed an XSS vulnerability when opening malicious PDFs NC-SA-2020-018 boo1171579. - CVE-2020-8155: Fixed a direct object reference vulnerability that allowed attackers to remotely wipe devices ...

PT-2018-16359 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.2.0.9297 Description: A use-after-free issue in the JavaScript engine of Foxit PDF Reader can be triggered by a specially crafted PDF document, leading to arbitrary code execution. This can occur when a user is...