Filtered by vendor Podofo Project
Subscribe
Total
61 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-6848 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-6847 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-6846 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-6845 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-6844 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||||
| CVE-2017-6843 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||||
| CVE-2017-6842 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-6841 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-6840 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. | |||||
| CVE-2017-5886 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||||
| CVE-2017-5855 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-5854 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | |||||
| CVE-2017-5853 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||||
| CVE-2017-5852 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file. | |||||
| CVE-2015-8981 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size. | |||||
| CVE-2023-2241 | 1 Podofo Project | 1 Podofo | 2024-05-17 | 4.3 MEDIUM | 7.8 HIGH |
| A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-31555 | 1 Podofo Project | 1 Podofo | 2024-02-28 | N/A | 6.5 MEDIUM |
| podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. | |||||
| CVE-2023-31556 | 1 Podofo Project | 1 Podofo | 2024-02-28 | N/A | 6.5 MEDIUM |
| podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | |||||
| CVE-2023-31568 | 1 Podofo Project | 1 Podofo | 2024-02-28 | N/A | 8.8 HIGH |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | |||||
| CVE-2023-31566 | 1 Podofo Project | 1 Podofo | 2024-02-28 | N/A | 8.8 HIGH |
| Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | |||||