11 matches found
CVE-2026-46529
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...
CVE-2026-40980
In Spring AI, a memory exhaustion vulnerability exists in the ForkPDFLayoutTextStripper when processing a malicious PDF. Affected versions are Spring AI 1.0.0–1.0.5 (fixed in 1.0.6) and 1.1.0–1.1.4 (fixed in 1.1.5). The CVSS data indicates availability impact is High, with network attack and low ...
Simply opening a PDF could trigger this Adobe Reader zero-day
Opening the wrong PDF in Adobe Reader was enough to let criminals quietly spy on your computer and unleash more attacks, even though everything looked normal. A researcher analyzed a malicious PDF and found that it abused a previously unknown flaw a “zero‑day” in Adobe Acrobat Reader. When a vict...
Vulnerabilities fixed in Foxit Reader
Foxit has fixed vulnerabilities in Foxit Reader Specific to version 2025.1.0.27937. The vulnerabilities are in the way Foxit Reader handles PDF files. Malicious parties can exploit these vulnerabilities by tricking users into opening a malicious PDF file or visiting a malicious website, which can...
Autodesk Revit 缓冲区错误漏洞
Autodesk Revit is a suite of building information modeling software from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Revit that originates from a malicious PDF file that causes memory corruption, which could lead to the execution of arbitrary code...
The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information through a specially crafted PDF file...
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to access to an uninitialized pointer, allowing attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to access to an uninitialized pointer. Exploiting this...
Mozilla: Malicious PDF can inject JavaScript into PDF Viewer
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR 52.8 and Firefox 60...
Adobe Acrobat/Reader Memory Corruption Vulnerability (CNVD-2017-25779)
Adobe Reader/Acrobat is a popular application for working with PDF files. A memory corruption vulnerability exists in Adobe Reader/Acrobat. Allowing an attacker to construct a malicious PDF file and trick the user into parsing it could crash the application or execute arbitrary code...
Adobe Acrobat/Reader Memory Disclosure Vulnerability (CNVD-2015-06748)
Adobe Reader/Acrobat is a popular application for working with PDF files. A memory disclosure vulnerability exists in Adobe Reader/Acrobat. An attacker is allowed to construct a malicious PDF file and trick the user into parsing it, which can obtain sensitive memory information...
Adobe Acrobat/Reader Buffer Overflow Information Disclosure Vulnerability
Adobe Reader/Acrobat is a popular application for working with PDF files. An unspecified buffer overflow vulnerability exists in Adobe Reader/Acrobat. This allows an attacker to construct a malicious PDF file and trick the user into parsing it, which could crash the application or execute arbitra...