Lucene search
K
GonitroNitro Pdf Pro

7 matches found

CVE
CVE
added 2017/02/10 5:0 p.m.65 views

CVE-2016-8709

CVE-2016-8709 (Nitro Pro) is a remote memory corruption flaw in Nitro Pro 10’s PDF parsing, caused by an out-of-bounds write in the npdf.dll path. Exploitation requires a crafted PDF file and can result in memory corruption or code execution, as detailed in Talos’ Nitro Pro PDF Handling Code Exec...

8.8CVSS7.7AI score0.01293EPSS
CVE
CVE
added 2017/02/10 5:0 p.m.57 views

CVE-2016-8713

CVE-2016-8713 corresponds to a memory-corruption vulnerability in Nitro Pro 10.5.9.9. Public analyses describe a remote or local memory corruption due to an out-of-bounds write in Nitro Pro’s PDF parsing path. The vulnerability centers on code in the npdf.dll module handling PDF content (e.g., op...

8.8CVSS7.7AI score0.01057EPSS
CVE
CVE
added 2017/02/10 5:0 p.m.53 views

CVE-2016-8711

Nitro Pro 10 is affected by a remote code execution vulnerability in its PDF parsing functionality. The flaw is reported in the npdf.dll path (Nitro Pro’s PDF handling), where a crafted PDF can trigger code execution. Public writeups (Talos/Nitro) describe a memory-related condition inside CxImag...

8.8CVSS8AI score0.01958EPSS
CVE
CVE
added 2026/01/08 12:0 a.m.28 views

CVE-2025-67825

CVE-2025-67825 affects Nitro PDF Pro for Windows prior to 14.42.0.34. The issue arises when signer information is taken from a non-verified PDF field instead of the verified certificate subject, allowing a document to display inconsistent signer details. The root cause is tied to the display logi...

5.5CVSS6.2AI score0.00085EPSS
CVE
CVE
added 2026/04/13 12:0 a.m.19 views

CVE-2025-66769

A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows an attacker to cause a Denial of Service via a crafted XFA packet. Affected product: Nitro PDF Pro for Windows; vulnerability type: NULL pointer dereference in XFA handling; impact: DoS (availability impact high). No exploi...

7.5CVSS5.8AI score0.00442EPSS
CVE
CVE
added 2026/04/13 12:0 a.m.12 views

CVE-2025-69627

CVE-2025-69627 : Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free in the JavaScript method this.mailDoc(). During execution, an internal XID object is allocated and freed prematurely, after which the freed pointer is still passed into UI and logging helper functions. The freed m...

8.4CVSS5.8AI score0.00199EPSS
CVE
CVE
added 2026/04/13 12:0 a.m.11 views

CVE-2025-69624

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference in the JavaScript app.alert() implementation. When called with more than one argument and the first is null (e.g., app.alert(app.activeDocs, true) with activeDocs null), the engine routes to a fallback path for non-string arg...

7.5CVSS5.9AI score0.00428EPSS