Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo - vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-14320
This vulnerability allows remote malicious users to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists w...
Podofo Project Podofo -
9.8
CVSSv3
CVE-2015-8981
Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows malicious users to have unspecified impact via vectors related to m_offsets.size.
Podofo Project Podofo -
5.5
CVSSv3
CVE-2017-5855
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.4
7.8
CVSSv3
CVE-2017-5886
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote malicious users to have unspecified impact via a crafted file.
Podofo Project Podofo 0.9.4
5.5
CVSSv3
CVE-2018-11255
An issue exists in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2018-5783
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2020-18971
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows malicious users to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
Podofo Project Podofo 0.9.6
7.8
CVSSv3
CVE-2018-5308
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
Podofo Project Podofo 0.9.5
5.5
CVSSv3
CVE-2018-12982
Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote malicious users to have denial-of-service impact via a crafted file.
Podofo Project Podofo 0.9.6
7.8
CVSSv3
CVE-2018-12983
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote malicious users to cause a denial-of-service via a crafted pdf file.
Podofo Project Podofo 0.9.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »