66 matches found
CVE-2026-53511
calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...
CVE-2026-53511
calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...
Foxit PDF Reader和Foxit PDF Editor 资源管理错误漏洞
Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have a resource management vulnerability. This vulnerability arises from the special XFA PDF...
Djena_Bertrand
Description This the writeup on the challenges we solved duri...
MiracleLinux 8 : python-pillow-5.1.1-16.el8 (AXSA:2021-2760:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2760:01 advisory. python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25288...
EUVD-2023-42359
Malicious code in bioql PyPI...
Fedora 40 : ghc-base64 / ghc-hakyll / ghc-isocline / ghc-toml-parser / gitit / etc (2024-7d83cbccb6)
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-7d83cbccb6 advisory. Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: - backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: - new package for pand...
Fedora 38 : ghc-base64 / ghc-hakyll / gitit / pandoc / patat (2024-6ad6b9f417)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ad6b9f417 advisory. Security fix for CVE-2023-35936 and CVE-2023-38745 - pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 - base64 now packaged in Fedora...
Updated ghostpcl packages fix security vulnerability
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. CVE-2023-38560...
CVE-2023-38560
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
Integer overflow
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
CVE-2023-38560
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
CVE-2023-38560 Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
CVE-2023-38560 Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
CVE-2023-38560
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
CVE-2023-38560
An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...
CVE-2023-38745
An arbitrary file write vulnerability was found in Haskell's Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite...
CVE-2023-35936
An arbitrary file write vulnerability was found in Haskell's Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite...
CVE-2023-38745
Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of...
Path traversal
Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of...