1067 matches found
CVE-2024-4327
A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF Document Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2023-41257
A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker...
CVE-2022-29851
documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...
CVE-2020-10222
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::getproperty+2381 via a crafted PDF document...
CVE-2020-35931
An issue was discovered in Foxit Reader before 10.1.1 and before 4.1.1 on macOS and PhantomPDF before 9.7.5 and 10.x before 10.1.1 and before 4.1.1 on macOS. An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subty...
CVE-2020-26536
An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document...
CVE-2015-8580
Multiple use-after-free vulnerabilities in the 1 Print method and 2 App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document...
CVE-2017-14680
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document...
CVE-2012-4914
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream...
CVE-2011-4220
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PDF document...
CVE-2012-4337
Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references...
CVE-2025-27834
A flaw was found in Artifex Ghostscript. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease ...
CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...
ALPINE-CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...
CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...
CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...
CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...
CVE-2025-2125
A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...
CVE-2024-55199
A Stored Cross Site Scripting XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser...
CVE-2025-2125
A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...