20 matches found
AZL-67076 CVE-2025-40928 affecting package perl-JSON-XS for versions less than 4.04-1
JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact...
Linux Distros Unpatched Vulnerability : CVE-2022-41844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and...
CVE-2024-7897
A vulnerability classified as critical has been found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This affects an unknown part of the file /cgi-bin/toseikikai.php. The manipulation of the argument kikaibangou leads to command injection. It is possible to initiate the attac...
PT-2024-38667 · Unknown · Tosei Online Store Management System
Name of the Vulnerable Software and Affected Versions: Tosei Online Store Management System versions 4.02 through 4.04 Description: A critical issue affects some unknown functionality of the file /cgi-bin/p1 ftpserver.php. The manipulation of the adr txt argument leads to command injection. The...
Xpdf: Multiple Vulnerabilities
Background Xpdf is an X viewer for PDF files. Description Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...
Xpdf Security Vulnerability
Xpdf is a free PDF viewer and toolkit from Xpdf, including a text extractor, image converter, HTML converter and more. A security vulnerability exists in Xpdf version 4.04, which stems from the presence of a runtime deadlock problem...
PT-2023-20858 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: XPDF version 4.04 Description: A Buffer Overflow issue has been discovered, allowing an attacker to cause a Denial of Service via gmalloc in gmem.cc. Recommendations: For XPDF version 4.04, at the moment, there is no information about a newer...
PT-2023-21289 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: xpdf version 4.04 Description: A stack overflow was discovered in the pdftotext component of xpdf. Recommendations: For xpdf version 4.04, at the moment, there is no information about a newer version that contains a fix for this issue...
CVE-2022-43071
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file...
XPDF Resource Management Error Vulnerability (CNVD-2022-69157)
XPDF is an open source PDF reader. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A resource management error vulnerability exists in XPDF version 4.04, which stems from a crash in the gfseek(_IO_FILE*, long, int) function in goo/gfile.cc. No details of...
PT-2022-26093 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.04 Description: An issue was discovered that causes a crash in the gfseek(_IO_FILE*, long, int) function in the goo/gfile.cc file. Recommendations: For Xpdf version 4.04, as a temporary workaround, consider disabling the gfseek...
PT-2022-26094 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.04 Description: A problem has been detected in the convertToType0 function in the fofi/FoFiType1C.cc file, causing a crash. This issue is distinct from other known vulnerabilities. Recommendations: For Xpdf version 4.04, consid...
PT-2022-24618 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: XPDF version 4.04 Description: The issue is related to a Null Pointer Dereference in the FoFiType1C.cc file at line 2393. This is a general information about the problem, but specific details about the estimated number of potentially affected...
CVE-2022-38171
CVE-2022-38171 describes an integer overflow in the JBIG2 decoder of Xpdf (JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc) that can crash or allow arbitrary code execution when processing a crafted PDF or JBIG2 image. Publicly documented impact aligns with prior CVEs (e.g., CVE-2021-30860) and ...
Xpdf Security Vulnerability
Xpdf is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in Xpdf version 4.04, which stems from an excessive memory allocation when displaying well-designed input...
MacPaw CleanMyMac X Input Validation Vulnerability (CNVD-2019-23283)
MacPaw CleanMyMac X is a cleaning tool dedicated to the macOS platform. The product is capable of removing junk files, history cache, logs, etc. from your computer. An input validation vulnerability exists in the MacPaw CleanMyMac X version 4.04 helper service, which can be exploited by a local...
JVN#58102473: WEB PATIO vulnerable to cross-site scripting
WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling cookies, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...
JVN#33171616: WEB PATIO vulnerable to cross-site scripting
WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling web form entries, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...
TWiki 4.0.x - 'Viewfile' Directory Traversal
source: https://www.securityfocus.com/bid/19907/info Twiki is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected...
pine-bof-10000.txt
Date: Mon, 8 Feb 1999 21:19:29 +0000 From: Chris Evans To: [email protected] Subject: Pine again : Hi, PINE seems to be flavour of the month so I'll add to Michal's post. This is much less serious than Michal's problem but probably noteworthy anyway. PINE can be made to crash if /var/spool/mai...