64 matches found
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
EUVD-2025-209417
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...
EUVD-2025-209419
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
EUVD-2025-209415
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service DoS via a crafted XFA packet...
CVE-2025-69624
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...
CVE-2025-66769
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service DoS via a crafted XFA packet...
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
CVE-2025-66769
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service DoS via a crafted XFA packet...
CVE-2025-69624
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...
CVE-2025-69624
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference in the JavaScript app.alert() implementation. When called with more than one argument and the first is null (e.g., app.alert(app.activeDocs, true) with activeDocs null), the engine routes to a fallback path for non-string arg...
CVE-2025-66769
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service DoS via a crafted XFA packet...
PT-2026-32377
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
PT-2026-32376
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...
CVE-2025-66769
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows an attacker to cause a Denial of Service via a crafted XFA packet. Affected product: Nitro PDF Pro for Windows; vulnerability type: NULL pointer dereference in XFA handling; impact: DoS (availability impact high). No exploi...
PT-2026-32375
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service DoS via a crafted XFA packet...
CVE-2025-69624
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...
CVE-2025-69627
CVE-2025-69627 : Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free in the JavaScript method this.mailDoc(). During execution, an internal XID object is allocated and freed prematurely, after which the freed pointer is still passed into UI and logging helper functions. The freed m...
Nitro PDF Pro 安全漏洞
Nitro PDF Pro is a PDF editing and management tool developed by the American company Nitro. Version 14.41.1.4 of Nitro PDF Pro for Windows contains a security vulnerability. This vulnerability stems from the use of the this.mailDoc method, where heap deallocation is reused after deallocation, whi...