Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-14320
This vulnerability allows remote malicious users to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists w...
Podofo Project Podofo -
7.5
CVSSv2
CVE-2015-8981
Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows malicious users to have unspecified impact via vectors related to m_offsets.size.
Podofo Project Podofo -
4.3
CVSSv2
CVE-2020-18971
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows malicious users to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
Podofo Project Podofo 0.9.6
4.3
CVSSv2
CVE-2018-5295
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2018-5296
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
Podofo Project Podofo 0.9.5
6.8
CVSSv2
CVE-2021-30472
A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.
Podofo Project Podofo 0.9.7
4.3
CVSSv2
CVE-2017-5855
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.4
6.8
CVSSv2
CVE-2018-5308
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2018-5309
In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2017-7381
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »