CVE-2024-23449 Elasticsearch Uncaught Exception

An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...

Microsoft Edge Resource Management Error Vulnerability

Microsoft Edge is a web browser from Microsoft Corporation USA that comes with systems after Windows 10. A resource management error vulnerability exists in Microsoft Edge versions 79.0.309.71 through 118.0.2088.69, which stems from a boundary error when processing PDF files, allowing remote...

The vulnerability of the Kofax Power PDF Advanced software, which is used for creating, converting, editing, and publishing PDF files, relates to operations that occur outside the buffer in memory. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the Kofax Power PDF Advanced software for creating, converting, editing, and publishing PDF files stems from the execution of operations beyond the buffer in memory during PDF file processing. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

Input validation

Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input...

SUSE: Security Advisory (SUSE-SU-2023:0677-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2023-1530

Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2023-0933

Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: Medium...

K25359902: BIG-IP AAM security vulnerability CVE-2019-6601

Security Advisory Description The BIG-IP AAM wamd process used in the processing of images and PDFs fails to drop group permissions when executing helper scripts. CVE-2019-6601 Impact This issue does not have a direct exploit, but may be used in unknown ways when targeting the BIG-IP AAM module...

SUSE CVE-2017-18184

An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iteraterc4 in QPDFencryption.cc...

SUSE CVE-2021-30860

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this...

CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference

Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...

MGASA-2022-0386 Updated poppler packages fix security vulnerability

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

OESA-2022-1906 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: Poppler...

Adobe Acrobat和Adobe Reader 资源管理错误漏洞

Adobe Acrobat and Adobe Reader are both products of Adobe Adobe Incorporated.Adobe Acrobat is a set of PDF file editing and conversion tools.Adobe Reader is a set of PDF document reading software. Adobe Acrobat and Adobe Reader there is a resource management error vulnerability, the vulnerability...

The software’s vulnerability regarding increasing the effective working time of components and equipment, as well as optimizing resource utilization in the SAP 3D Visual Enterprise Viewer, is related to insufficient validation of input data. This vulnerability allows a perpetrator to trigger an emergency shutdown of the application.

The vulnerability of the software for increasing the effective working time of components and equipment, as well as optimizing resource utilization in the SAP 3D Visual Enterprise Viewer, is related to insufficient validation of input data during PDF file processing. Exploiting this vulnerability...

多款Adobe产品缓冲区错误漏洞

Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs.Several Adobe products are vulnerable to an out-of-bounds reading vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...

多款Adobe产品缓冲区错误漏洞

Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs.Several Adobe products are vulnerable to an out-of-bounds reading vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...

OESA-2021-1148 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

PT-2020-20846 · Apple · Macos Big Sur +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.2 iPadOS versions prior to 14.2 macOS Big Sur versions prior to 11.0.1 Description: An out-of-bounds write issue was addressed with improved input validation. Processing a maliciously crafted PDF may lead to arbitrary...

Denial Of Service (DoS)

chromium-browser is vulnerable to denial of service DoS. The vulnerability exists when a PDF document is processed through j2k.c, jp2.c, and t2.c...