CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive...

CVE-2021-41830

It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory...

CVE-2025-55311

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification b...

CVE-2025-55311

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification b...

Foxit PhantomPDF Multiple Vulnerabilities (Oct 2025) - Windows

Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...

EUVD-2021-28831

Malicious code in bioql PyPI...

USN-7504-1 libreoffice vulnerability

Juraj Šarinay discovered that LibreOffice incorrectly handled verifying PDF signatures. A remote attacker could possibly use this issue to generate PDF files that appear to have a valid signature...

RHEL 8 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: Incorrect trust validation of signature with ambiguous KeyInfo children CVE-2021-25636 -...

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

CVE-2021-40326

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification...

Design/Logic Flaw

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification...

CVE-2021-40326

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification...

CVE-2021-40326

CVE-2021-40326 affects Foxit PDF Reader before 11.1, Foxit PDF Editor before 11.1, and Foxit PhantomPDF before 10.1.6. The flaw stems from mishandling hidden and incremental data in digitally signed PDFs, enabling an attacker to write to an arbitrary file and display controlled contents during si...

CVE-2022-25641

Affected software : Foxit PDF Reader < 11.2.2, Foxit PDF Editor < 11.2.2, and PhantomPDF

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack...

Security update for libreoffice (moderate)

openSUSE Security Update: Security update for libreoffice Announcement ID: openSUSE-SU-2022:0886-1 Rating: moderate References: 1196456 SLE-18214 Cross-References: CVE-2021-25636 CVSS scores: CVE-2021-25636 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2021-25636 SUSE: 6.3...

Foxit PhantomPDF < 10.1.6 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 10.1.6. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow...

Apache OpenOffice Data Forgery Issue Vulnerability

Apache OpenOffice is an open source office software suite from the Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, etc. Apache OpenOffice is vulnerable to a data forgery issue in versions prior to 4.1.10, which stems from a networked...