CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

SUSE CVE•added 2023/02/15 4:32 a.m.•3 views

SUSE CVE-2018-5158

The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR 52.8 and Firefox 60...

8.8CVSS8AI score0.43031EPSS

Exploits0References16

Veracode•added 2019/05/16 2:25 a.m.•28 views

Code Injection

pdfjs-dist is vulnerable to code injection vulnerability. This is because it does not sufficiently sanitize PostScript calculator functions which allows an attacker to inject malicious JavaScript through a crafted PDF file...

8.8CVSS9.2AI score0.43031EPSS

Exploits0References14Affected Software2

OSV•added 2018/06/11 9:29 p.m.•2 views

DEBIAN-CVE-2018-5158

8.8CVSS8.2AI score0.43031EPSS

Exploits0References1

Prion•added 2018/06/11 9:29 p.m.•22 views

Code injection

6.8CVSS8.2AI score0.43031EPSS

Exploits0References11Affected Software10

Snyk•added 2018/06/11 4:48 p.m.•1 views

Cross-site Scripting (XSS)

Overview pdfjs-dist is a Portable Document Format PDF library that is built with HTML5. Affected versions of this package are vulnerable to Cross-site Scripting XSS. The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through...

8.8CVSS8AI score0.43031EPSS

Exploits0References2

RedHat Linux•added 2018/05/14 3:19 p.m.•3 views

Mozilla: Malicious PDF can inject JavaScript into PDF Viewer

8.8CVSS7.2AI score0.43031EPSS

Exploits0References5

CNVD•added 2018/05/11 12:0 a.m.•1 views

Mozilla Firefox JavaScript Injection Vulnerability

Mozilla Firefox browser Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. A malicious JavaScript injection vulnerability exists in Mozilla Firefox. The vulnerability arises because the PDF viewer fails to adequately validate the PostScript calculator functionality. T...

8.8CVSS8.9AI score0.43031EPSS

Exploits0References1

UbuntuCve•added 2018/05/10 12:0 a.m.•37 views

CVE-2018-5158

8.8CVSS7.2AI score0.43031EPSS

Exploits0References3

Mozilla•added 2018/05/09 12:0 a.m.•557 views

Security vulnerabilities fixed in Firefox 60 — Mozilla

A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially...

9.8CVSS10AI score0.43031EPSS

Exploits3References28Affected Software1

Source Incite•added 2016/06/09 12:0 a.m.•27 views

SRC-2016-0039 : Microsoft Windows PDF Library PostScript Calculator Out-of-Bounds Read Information Disclosure Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of the Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file...

6.5CVSS6.6AI score0.32313EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by