26 matches found
Astra Linux - уязвимость в qpdf
It was discovered that QPDF v8.4.2 contains a heap buffer overflow vulnerability through the QPDF::processXRefStream function. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted PDF file...
EUVD-2017-9318
Malware in sbrugna...
EUVD-2017-18147
Malware in sbrugna...
EUVD-2018-9759
Malware in sbrugna...
EUVD-2018-21510
Malware in sbrugna...
EUVD-2022-37458
Malicious code in bioql PyPI...
NewStart CGSL MAIN 7.02 : qpdf Vulnerability (NS-SA-2025-0178)
The remote NewStart CGSL host, running version MAIN 7.02, has qpdf packages installed that are affected by a vulnerability: - Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h. CVE-2024-24246 Note...
NewStart CGSL MAIN 7.02 : qpdf Vulnerability (NS-SA-2025-0077)
The remote NewStart CGSL host, running version MAIN 7.02, has qpdf packages installed that are affected by a vulnerability: - Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h. CVE-2024-24246 Note...
ROS-20250403-02
A vulnerability in the QPDF PDF conversion command line utility is related to the creation of a .pdf file with the PlASCII85Decoder::write parameter in libqpdf. .pdf file with the PlASCII85Decoder::write parameter in libqpdf. Exploitation of the vulnerability could allow an attacker to execute...
Linux Distros Unpatched Vulnerability : CVE-2017-18185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the PlBuffer::write function in PlBuffer.cc. It is caused by an...
USN-6713-1 qpdf vulnerability
It was discovered that QPDF incorrectly handled certain memory operations when decoding JSON files. If a user or automated system were tricked into processing a specially crafted JSON file, QPDF could be made to crash, resulting in a denial of service, or possibly execute arbitrary code...
Ubuntu 23.10 : QPDF vulnerability (USN-6713-1)
The remote Ubuntu 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6713-1 advisory. It was discovered that QPDF incorrectly handled certain memory operations when decoding JSON files. If a user or automated system were tricked into processing a...
DEBIAN-CVE-2024-24246
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h...
Important: qpdf
Issue Overview: An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf. CVE-2021-25786 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in...
UBUNTU-CVE-2021-25786
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...
SUSE CVE-2018-9918
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service stack exhaustion, related to the QPDFObjectHandle and QPDFDictionary classes, because nesting in direct objects is not restricted...
USN-5026-1 qpdf vulnerabilities
It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-18020 It was discovered that QPDF incorrectly handled certa...
Arbitrary Code Execution
QPDF is vulnerable to arbitrary code execution. A heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish allows an attacker to execute arbitrary code in the host OS when a certain downstream write fails...
MGASA-2018-0232 Updated qpdf packages fix security vulnerability
A flaw was found in QPDF through 8.0.2. libqpdf.a mishandles certain 'expected dictionary key but found non-name object' cases, allowing remote attackers to cause a denial of service stack exhaustion, related to the QPDFObjectHandle and QPDFDictionary classes CVE-2018-9918...
USN-3638-1 qpdf vulnerabilities
It was discovered that QPDF incorrectly handled certain malformed files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code...