Lucene search
K

75 matches found

CVE
CVE
added 2020/02/11 5:31 p.m.55 views

CVE-2013-1607

CVE-2013-1607 affects the Ruby PDFKit gem prior to 0.5.3. The vulnerability arises from improper input validation/handling during PDF generation, allowing potential remote code execution. Affected component: PDFKit Ruby gem; root cause: parameter handling/validation flaw; impact: remote code exec...

9.8CVSS9.4AI score0.02675EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/11 5:31 p.m.24 views

CVE-2013-1607

Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability...

9.6AI score0.02675EPSS
Exploits0References2
Veracode
Veracode
added 2019/11/22 10:54 a.m.8 views

Denial Of Service (DoS) Via Infinite Loop

pdfkit is vulnerable to denial of service attacks. When a single character exceeds the width of a empty line, the line wrapper keeps adding new lines in an infinite loop, leading to an application crash...

2.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/04/10 12:0 a.m.16 views

macOS 10.13.x < 10.13.4 Multiple Vulnerabilities

Binary data 700515.prm...

9.8CVSS9AI score0.08523EPSS
Exploits4References36
CNVD
CNVD
added 2018/04/23 12:0 a.m.2 views

Apple macOS High Sierra PDFKit Security Bypass Vulnerability

Apple macOS High Sierra is the United States Apple Apple company's set of Mac computers developed specifically for the operating system. PDFKit is one of the PDF document generation components. A security vulnerability exists in the PDFKit component in Apple macOS High Sierra versions prior to...

6.5CVSS6.6AI score0.02081EPSS
Exploits0References1
NVD
NVD
added 2018/04/03 6:29 a.m.17 views

CVE-2018-4107

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "PDFKit" component. It allows remote attackers to bypass intended restrictions on visiting URLs within a PDF document...

6.5CVSS5.6AI score0.02081EPSS
Exploits0References3
OSV
OSV
added 2018/04/03 6:29 a.m.4 views

CVE-2018-4107

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "PDFKit" component. It allows remote attackers to bypass intended restrictions on visiting URLs within a PDF document...

6.5CVSS5.8AI score0.02081EPSS
Exploits0References3
Prion
Prion
added 2018/04/03 6:29 a.m.16 views

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "PDFKit" component. It allows remote attackers to bypass intended restrictions on visiting URLs within a PDF document...

4.3CVSS5.5AI score0.02081EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/03 6:0 a.m.19 views

CVE-2018-4107

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "PDFKit" component. It allows remote attackers to bypass intended restrictions on visiting URLs within a PDF document...

6.8AI score0.02081EPSS
Exploits0References3
CVE
CVE
added 2018/04/03 6:0 a.m.58 views

CVE-2018-4107

CVE-2018-4107 affects macOS before 10.13.4, specifically the PDFKit component. The issue allows a PDF to bypass restrictions on visiting URLs contained in the document, enabling a remote attacker to direct a user to a malicious website via crafted PDF content. The vulnerability stems from parsing...

6.5CVSS6.5AI score0.02081EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/04/02 12:0 a.m.93 views

macOS 10.13.x < 10.13.4 Multiple Vulnerabilities

The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.4. It is, therefore, affected by multiple vulnerabilities in the following components : - Admin Framework - APFS - ATS - CoreFoundation - CoreText - Disk Images - Disk Management - File System Events - iCloud...

10CVSS7.8AI score0.04722EPSS
Exploits5References43
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The PDFkit.framework package for the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS7.1AI score0.04403EPSS
Exploits0References3Affected Software1
seebug.org
seebug.org
added 2013/03/19 12:0 a.m.32 views

Apple Mac OS X 释放后重用远程代码执行漏洞

BUGTRAQ ID: 58509 CVECAN ID: CVE-2013-0971 Apple Mac OS X是苹果电脑操作系统软件。 Apple Mac OS X 10.8.3之前版本PDFKit内存在释放后重用漏洞,通过PDF文档内的特制链接注释,远程攻击者可执行任意代码或造成拒绝服务。 0 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X Server 10.7.4 Apple Mac OS X Server 10.7.3...

6.8CVSS6.4AI score0.01844EPSS
Exploits2
NVD
NVD
added 2013/03/15 8:55 p.m.29 views

CVE-2013-0971

Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted ink annotations in a PDF document...

6.8CVSS6.9AI score0.01844EPSS
Exploits2References1
Prion
Prion
added 2013/03/15 8:55 p.m.21 views

Design/Logic Flaw

Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted ink annotations in a PDF document...

6.8CVSS8AI score0.01844EPSS
Exploits2References1Affected Software2
CVE
CVE
added 2013/03/15 1:0 a.m.68 views

CVE-2013-0971

CVE-2013-0971 is a use-after-free vulnerability in Apple Mac OS X PDFKit prior to 10.8.3. An attacker can trigger memory corruption via crafted ink annotations in a PDF, leading to arbitrary code execution or an application crash (DoS). Public references describe the affected component as PDFKit ...

6.8CVSS7.6AI score0.01844EPSS
Exploits2References1Affected Software2
Cvelist
Cvelist
added 2013/03/15 1:0 a.m.32 views

CVE-2013-0971

Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted ink annotations in a PDF document...

6.9AI score0.01844EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2013/03/15 12:0 a.m.42 views

Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.3. The newer version contains multiple security-related fixes for the following components : - Apache - CoreTypes - International Components for Unicode - Identity Services - ImageIO - IOAcceleratorFamily - Kernel - Log...

9.3CVSS8.2AI score0.06459EPSS
Exploits13References15
Tenable Nessus
Tenable Nessus
added 2013/03/15 12:0 a.m.82 views

Mac OS X Multiple Vulnerabilities (Security Update 2013-001)

The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-001 applied. This update contains numerous security-related fixes for the following components : - Apache - CoreTypes 10.7 only - International Components for Unicode - Identity Services 10.7 onl...

9.3CVSS8AI score0.99449EPSS
Exploits36References17
RubySec
RubySec
added 2013/02/21 12:0 a.m.14 views

PDFKit Gem for Ruby PDF File Generation Parameter Handling Remote Code Execution

PDFKit Gem for Ruby contains a flaw that is due to the program failing to properly validate input during the handling of parameters when generating PDF files. This may allow a remote attacker to potentially execute arbitrary code via the pdfkit generation options...

9.8CVSS7.7AI score0.02675EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder