Lucene search
K

1067 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:36 a.m.5 views

CVE-2024-4327

A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF Document Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

4CVSS6.1AI score0.00453EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:36 a.m.14 views

CVE-2023-41257

A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker...

8.8CVSS7.4AI score0.01627EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:47 p.m.5 views

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

9.8CVSS7.4AI score0.03596EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:39 p.m.10 views

CVE-2020-10222

npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::getproperty+2381 via a crafted PDF document...

8.1CVSS6.8AI score0.02425EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:10 p.m.8 views

CVE-2020-35931

An issue was discovered in Foxit Reader before 10.1.1 and before 4.1.1 on macOS and PhantomPDF before 9.7.5 and 10.x before 10.1.1 and before 4.1.1 on macOS. An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subty...

7.8CVSS6.8AI score0.02294EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:13 p.m.8 views

CVE-2020-26536

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document...

5.5CVSS6.9AI score0.00918EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:24 a.m.8 views

CVE-2015-8580

Multiple use-after-free vulnerabilities in the 1 Print method and 2 App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document...

6.8CVSS8AI score0.03691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:2 a.m.8 views

CVE-2017-14680

ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document...

7.5CVSS6.7AI score0.04327EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:6 a.m.4 views

CVE-2012-4914

Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream...

9.3CVSS8.2AI score0.28391EPSS
Exploits11References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 a.m.7 views

CVE-2011-4220

Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PDF document...

9.3CVSS8.2AI score0.07379EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:12 a.m.22 views

CVE-2012-4337

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references...

9.3CVSS7.8AI score0.05042EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/26 9:26 a.m.12 views

CVE-2025-27834

A flaw was found in Artifex Ghostscript. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease ...

5.5CVSS7.5AI score0.00255EPSS
Exploits0References4
OSV
OSV
added 2025/03/25 9:15 p.m.13 views

CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.8CVSS8.3AI score
Exploits0References1
OSV
OSV
added 2025/03/25 9:15 p.m.5 views

ALPINE-CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.8CVSS7.5AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/25 12:0 a.m.20 views

CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

0.00255EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/03/25 12:0 a.m.14 views

CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.8CVSS6.8AI score0.00255EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/03/25 12:0 a.m.6 views

CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.8CVSS7.7AI score0.00255EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/12 11:30 a.m.13 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS7.3AI score0.0032EPSS
Exploits0References1
OSV
OSV
added 2025/03/10 6:15 p.m.3 views

CVE-2024-55199

A Stored Cross Site Scripting XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser...

5.4CVSS5.9AI score0.00284EPSS
Exploits1References2
NVD
NVD
added 2025/03/09 4:15 p.m.34 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS0.0032EPSS
Exploits0References4
Rows per page
Query Builder