Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo 0.9.6 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-18971
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows malicious users to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
Podofo Project Podofo 0.9.6
605
VMScore
CVE-2018-20751
An issue exists in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at t...
Podofo Project Podofo 0.9.6
384
VMScore
CVE-2018-20797
An issue exists in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.
Podofo Project Podofo 0.9.6
383
VMScore
CVE-2020-18972
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows malicious users to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.
Podofo Project Podofo 0.9.6
605
VMScore
CVE-2018-19532
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an malicious user to cause Denial of Service.
Podofo Project Podofo 0.9.6
384
VMScore
CVE-2019-10723
An issue exists in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated.
Podofo Project Podofo 0.9.6
383
VMScore
CVE-2018-12982
Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote malicious users to have denial-of-service impact via a crafted file.
Podofo Project Podofo 0.9.6
605
VMScore
CVE-2018-12983
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote malicious users to cause a denial-of-service via a crafted pdf file.
Podofo Project Podofo 0.9.6
668
VMScore
CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp.
Podofo Project Podofo 0.9.6
Fedoraproject Fedora 29
605
VMScore
CVE-2019-9199
PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an malicious user to cause Denial of Service (Segmentation fault)...
Podofo Project Podofo 0.9.6
Fedoraproject Fedora 29
Fedoraproject Fedora 30
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »