9 matches found
EUVD-2019-3803
Malware in sbrugna...
EUVD-2019-3802
Malware in sbrugna...
CVE-2019-12154
XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...
CVE-2019-12154
XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...
Race condition
XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...
CVE-2019-12154
RealObjects PDFreactor prior to 10.1.10722 is affected by a XXE flaw in the XML parser library triggered by malicious XML in externally referenced resources. This can disclose local file contents and may cause denial of service. If you use PDFreactor, upgrade to the maintenance release 10-1-10722...
CVE-2019-12154
XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...
CVE-2019-12153
RealObjects PDFreactor (before 10.1.10722) contains a flaw in its HTML parser that fails validation, enabling server-side request forgery (SSRF) by supplying malicious HTML content. The issue can allow an attacker to access network or file resources from the server. Public references indicate the...
CVE-2019-12153
Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF, allowing attackers to access network or file resources on behalf of the server by supplying malicious HTML content...