Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Podofo ProjectPodofo

16 matches found

CVE
CVEadded 2018/01/09 5:29 a.m.143 views

CVE-2018-5309

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

5.5CVSS6.2AI score0.00232EPSS
CVE
CVEadded 2018/03/09 7:29 p.m.143 views

CVE-2018-8001

In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.

7.8CVSS8.2AI score0.0019EPSS
CVE
CVEadded 2018/01/08 7:29 a.m.139 views

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

5.5CVSS6.9AI score0.00374EPSS
CVE
CVEadded 2018/01/08 7:29 a.m.135 views

CVE-2018-5296

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

5.5CVSS6.3AI score0.00374EPSS
CVE
CVEadded 2018/01/09 5:29 a.m.129 views

CVE-2018-5308

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.

7.8CVSS8.5AI score0.00206EPSS
CVE
CVEadded 2018/03/09 7:29 p.m.84 views

CVE-2018-8002

In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...

8.8CVSS8.6AI score0.02048EPSS
CVE
CVEadded 2018/05/18 7:29 p.m.78 views

CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054.

5.5CVSS6.3AI score0.00402EPSS
CVE
CVEadded 2018/06/29 5:29 a.m.78 views

CVE-2018-12983

A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.

7.8CVSS5.9AI score0.00497EPSS
CVE
CVEadded 2018/05/18 7:29 p.m.76 views

CVE-2018-11255

An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

5.5CVSS6.2AI score0.00232EPSS
CVE
CVEadded 2018/05/18 7:29 p.m.76 views

CVE-2018-11256

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

6.5CVSS6.7AI score0.00565EPSS
CVE
CVEadded 2018/01/19 8:29 a.m.76 views

CVE-2018-5783

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

5.5CVSS6.2AI score0.00374EPSS
CVE
CVEadded 2018/03/09 7:29 p.m.72 views

CVE-2018-8000

In PoDoFo 0.9.5, there exists a heap-based buffer overflow vulnerability in PoDoFo::PdfTokenizer::GetNextToken() in PdfTokenizer.cpp, a related issue to CVE-2017-5886. Remote attackers could leverage this vulnerability to cause a denial-of-service or potentially execute arbitrary code via a crafted...

8.8CVSS8.8AI score0.03509EPSS
CVE
CVEadded 2018/01/27 3:29 p.m.69 views

CVE-2018-6352

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.

5.5CVSS5.3AI score0.00374EPSS
CVE
CVEadded 2018/11/26 2:29 a.m.67 views

CVE-2018-19532

A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service.

8.8CVSS8.2AI score0.00336EPSS
CVE
CVEadded 2018/06/29 5:29 a.m.65 views

CVE-2018-12982

Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.

5.5CVSS6.4AI score0.00374EPSS
CVE
CVEadded 2018/09/17 6:29 p.m.49 views

CVE-2018-14320

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within PdfEncoding::ParseT...

6.5CVSS7.3AI score0.00525EPSS