CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Tenable Nessus•added 2021/07/29 12:0 a.m.•32 views

Ubuntu 18.04 LTS / 20.04 LTS : QPDF vulnerabilities (USN-5026-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5026-1 advisory. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume...

5.5CVSS5.7AI score0.00107EPSS

Exploits1References3

RedhatCVE•added 2021/07/21 7:20 p.m.•28 views

CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

7.8CVSS3.5AI score0.00079EPSS

Exploits0References3

OSV•added 2021/07/20 7:15 a.m.•23 views

CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

5.5CVSS7.2AI score

Exploits0References6

NVD•added 2021/07/20 7:15 a.m.•14 views

CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

5.5CVSS0.00079EPSS

Exploits0References6

Prion•added 2021/07/20 7:15 a.m.•17 views

Heap overflow

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

4.3CVSS5.5AI score0.00079EPSS

Exploits0References6Affected Software1

UbuntuCve•added 2021/07/20 7:15 a.m.•18 views

CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

5.5CVSS5.9AI score0.00079EPSS

Exploits0References4

CVE•added 2021/07/20 12:0 a.m.•96 views

CVE-2021-36978

Summary: CVE-2021-36978 affects QPDF versions 9.x up to 9.1.1 and 10.x up to 10.0.4, due to a heap-based buffer overflow in Pl_ASCII85Decoder::write (invoked via Pl_AES_PDF::flush/finish) when a downstream write fails. This can enable arbitrary code execution or, per reports, cause crashes or ins...

5.5CVSS5.7AI score0.00079EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2021/07/20 12:0 a.m.•17 views

CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

7.7AI score0.00079EPSS

Exploits0References6

Debian CVE•added 2021/07/20 12:0 a.m.•30 views

CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

5.5CVSS4.4AI score0.00079EPSS

Exploits0

OSV•added 2020/12/06 12:0 a.m.•14 views

OSV-2020-2245 Heap-buffer-overflow in Pl_ASCII85Decoder::write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28262 Crash type: Heap-buffer-overflow WRITE 1 Crash state: PlASCII85Decoder::write PlAESPDF::flush PlAESPDF::finish...

7.2AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by