Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google pdfium - vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2015-1239
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote malicious users to cause a denial of service (process crash) via a crafted PDF.
Uclouvain Openjpeg
Google Pdfium -
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2016-5183
A heap use after free in PDFium in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote malicious user to potentially exploit heap corruption via crafted PDF files.
Google Chrome
1 Article
8.8
CVSSv3
CVE-2016-5184
PDFium in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote malicious user to potentially exploit heap corruption via crafted PDF files.
Google Chrome
1 Article
8.8
CVSSv3
CVE-2016-5203
A use after free in PDFium in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
6.3
CVSSv3
CVE-2016-5216
A use after free in PDFium in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote malicious user to perform an out of bounds memory read via a crafted PDF file.
Google Chrome
8.8
CVSSv3
CVE-2016-5210
Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
8.8
CVSSv3
CVE-2017-5032
PDFium in Google Chrome before 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
8.8
CVSSv3
CVE-2017-5034
A use after free in PDFium in Google Chrome before 57.0.2987.98 for Linux and Windows allowed a remote malicious user to perform an out of bounds memory read via a crafted PDF file.
Google Chrome
8.8
CVSSv3
CVE-2018-20065
Handling of URI action in PDFium in Google Chrome before 71.0.3578.80 allowed a remote malicious user to initiate potentially unsafe navigations without a user gesture via a crafted PDF file.
Google Chrome
8.8
CVSSv3
CVE-2016-10403
Insufficient data validation on image data in PDFium in Google Chrome before 51.0.2704.63 allowed a remote malicious user to perform an out of bounds memory read via a crafted PDF file.
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »